CVE-2023-35071

CRITICAL

MRV Logging Administration Panel < 20230915 - SQL Injection

Title source: llm
STIX 2.1

Description

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in MRV Tech Logging Administration Panel allows SQL Injection. This issue affects Logging Administration Panel: before 20230915 .

References (2)

Core 2
Core References
Third Party Advisory government-resource broken-link
https://www.usom.gov.tr/bildirim/tr-23-0560

Scores

CVSS v3 9.8
EPSS 0.0056
EPSS Percentile 42.4%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

CWE
CWE-89
Status published
Products (2)
mrv/logging_administration_panel < 20230915
MRV Tech/Logging Administration Panel < 20230915
Published Sep 27, 2023
Tracked Since Feb 18, 2026