Remote Code Execution via SQL Injection in TrueConf Server 5.2.0.10225
CVE-2022-46764 · CRITICAL Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
A SQL injection issue in the web API in TrueConf Server 5.2.0.10225 allows remote unauthenticated attackers to execute arbitrary SQL commands, ultimately leading to remote code execution.
Learn more about our Cis Benchmark Audit For Microsoft Sql Server.