CVE-2026-27768
MEDIUMGenetec Security Center - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Title source: ruleDescription
SQL Injection affecting the Access Manager role.
References (3)
Core 3
Core References
Scores
CVSS v3
6.6
EPSS
0.0034
EPSS Percentile
25.6%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
total
Details
CWE
CWE-89
Status
published
Products (7)
Genetec Inc./Genetec Security Center
<=5.10.4.31
Genetec Inc./Genetec Security Center
<=5.11.3.28
Genetec Inc./Genetec Security Center
<=5.9.5.11
Genetec Inc./Genetec Security Center
>=5.12.0.0 <5.12.2.17
Genetec Inc./Genetec Security Center
>=5.12.2.17
Genetec Inc./Genetec Security Center
>=5.13.0.0 <5.13.3.5
Genetec Inc./Genetec Security Center
>=5.13.3.5
Published
May 25, 2026
Tracked Since
May 25, 2026