CVE-2024-8877

CRITICAL EXPLOITED NUCLEI

Riello-ups Netman 204 Firmware < 4.05 - SQL Injection

Title source: rule

Description

Improper neutralization of special elements results in a SQL Injection vulnerability in Riello Netman 204. It is only limited to the SQLite database of measurement data.This issue affects Netman 204: through 4.05.

Nuclei Templates (1)

Riello Netman 204 - SQL Injection
CRITICALVERIFIEDby s4e-io
Shodan: title:"netman 204"
FOFA: title="netman 204"

References (2)

Scores

CVSS v3 9.8
EPSS 0.8380
EPSS Percentile 99.3%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

VulnCheck KEV 2024-10-15
CWE
CWE-89
Status published
Products (1)
riello-ups/netman_204_firmware < 4.05
Published Sep 25, 2024
Tracked Since Feb 18, 2026