CVE-2021-27234

CRITICAL

Mutare Voice <3.3.8 - SQL Injection

Title source: llm
STIX 2.1

Description

An issue was discovered in Mutare Voice (EVM) 3.x before 3.3.8. The web application suffers from SQL injection on Adminlog.asp, Archivemsgs.asp, Deletelog.asp, Eventlog.asp, and Evmlog.asp.

References (1)

Core 1
Core References

Scores

CVSS v3 9.8
EPSS 0.0098
EPSS Percentile 58.2%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-89
Status published
Products (1)
mutare/voice 3.0.0 - 3.3.8
Published Feb 16, 2021
Tracked Since Feb 18, 2026