CVE-2022-1358

CWE-89: IMPROPER NEUTRALIZATION OF SPECIAL ELEMENTS USED IN AN SQL COMMAND ('SQL INJECTION')
The affected On-Premise is vulnerable to data exfiltration through improper neutralization of special elements used in an SQL command. This could allow an attacker to exfiltrate and dump all data held in the cnMaestro database.

Risk Information

  • CVE ID
  • CVE-2022-1358
  • Vendor
  • Cambium Networks
  • Product
  • cnMaestro
  • CVSS v3
  • 5.9