CVE-2024-12913

HIGH

Megatek Communication System Azora Wireless Network Management <202...

Title source: llm
STIX 2.1

Description

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Megatek Communication System Azora Wireless Network Management allows SQL Injection. This issue affects Azora Wireless Network Management: through 20250916.  NOTE: The vendor did not inform about the completion of the fixing process within the specified time. The CVE will be updated when new information becomes available.

References (2)

Core 2
Core References
Third Party Advisory, US Government Resource government-resource broken-link
https://www.usom.gov.tr/bildirim/tr-25-0253

Scores

CVSS v3 8.8
EPSS 0.0016
EPSS Percentile 5.7%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable yes
Technical Impact total

Details

CWE
CWE-89
Status published
Products (1)
Megatek Communication System/Azora Wireless Network Management < 20250916
Published Sep 16, 2025
Tracked Since Feb 18, 2026