{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2024-28145", "assignerOrgId": "551230f0-3615-47bd-b7cc-93e92e730bbf", "state": "PUBLISHED", "assignerShortName": "SEC-VLab", "dateReserved": "2024-03-05T09:15:40.202Z", "datePublished": "2024-12-12T13:36:34.917Z", "dateUpdated": "2025-11-03T21:54:31.104Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "affected", "product": "Scan2Net", "vendor": "Image Access GmbH", "versions": [{"changes": [{"at": "7.40", "status": "unaffected"}], "lessThan": "7.40", "status": "affected", "version": "0", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Daniel Hirschberger (SEC Consult Vulnerability Lab)"}, {"lang": "en", "type": "finder", "value": "Tobias Niemann (SEC Consult Vulnerability Lab)"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p></p><p></p><div><p></p><div><div><div><div><p>An unauthenticated attacker can perform an SQL injection by accessing the <span style=\"background-color: rgb(253, 253, 253);\">/class/dbconnect.php&nbsp;</span>file and supplying malicious GET parameters. T<span style=\"background-color: rgb(255, 255, 255);\">he HTTP GET parameters search, table, field, and value are vulnerable. For example, one SQL injection can be performed on the parameter \"field\" with the UNION keyword.</span></p></div></div></div></div><div></div><p></p></div><p></p><p></p>"}], "value": "An unauthenticated attacker can perform an SQL injection by accessing the /class/dbconnect.php\u00a0file and supplying malicious GET parameters. The HTTP GET parameters search, table, field, and value are vulnerable. For example, one SQL injection can be performed on the parameter \"field\" with the UNION keyword."}], "exploits": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "The SEC Consult Vulnerability Lab has published proof of concept material in the technical security advisory.<br>"}], "value": "The SEC Consult Vulnerability Lab has published proof of concept material in the technical security advisory."}], "impacts": [{"capecId": "CAPEC-66", "descriptions": [{"lang": "en", "value": "CAPEC-66 SQL Injection"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-89", "description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "551230f0-3615-47bd-b7cc-93e92e730bbf", "shortName": "SEC-VLab", "dateUpdated": "2024-12-12T13:36:34.917Z"}, "references": [{"tags": ["third-party-advisory"], "url": "https://r.sec-consult.com/imageaccess"}, {"tags": ["patch"], "url": "https://www.imageaccess.de/?page=SupportPortal&lang=en"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "The vendor provides a firmware update to version 7.40 (or higher) which can be downloaded via the vendor's customer server portal."}], "value": "The vendor provides a firmware update to version 7.40 (or higher) which can be downloaded via the vendor's customer server portal."}], "source": {"discovery": "UNKNOWN"}, "title": "Unauthenticated SQL Injection", "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.9, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2024-12-13T16:16:12.359376Z", "id": "CVE-2024-28145", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-12-13T16:18:02.936Z"}}, {"title": "CVE Program Container", "references": [{"url": "http://seclists.org/fulldisclosure/2024/Dec/2"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2025-11-03T21:54:31.104Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "http://seclists.org/fulldisclosure/2024/Dec/2"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2025-11-03T21:54:31.104Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.9, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2024-28145", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-12-13T16:16:12.359376Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-12-13T16:17:57.410Z"}}], "cna": {"title": "Unauthenticated SQL Injection", "source": {"discovery": "UNKNOWN"}, "credits": [{"lang": "en", "type": "finder", "value": "Daniel Hirschberger (SEC Consult Vulnerability Lab)"}, {"lang": "en", "type": "finder", "value": "Tobias Niemann (SEC Consult Vulnerability Lab)"}], "impacts": [{"capecId": "CAPEC-66", "descriptions": [{"lang": "en", "value": "CAPEC-66 SQL Injection"}]}], "affected": [{"vendor": "Image Access GmbH", "product": "Scan2Net", "versions": [{"status": "affected", "changes": [{"at": "7.40", "status": "unaffected"}], "version": "0", "lessThan": "7.40", "versionType": "custom"}], "defaultStatus": "affected"}], "exploits": [{"lang": "en", "value": "The SEC Consult Vulnerability Lab has published proof of concept material in the technical security advisory.", "supportingMedia": [{"type": "text/html", "value": "The SEC Consult Vulnerability Lab has published proof of concept material in the technical security advisory.<br>", "base64": false}]}], "solutions": [{"lang": "en", "value": "The vendor provides a firmware update to version 7.40 (or higher) which can be downloaded via the vendor's customer server portal.", "supportingMedia": [{"type": "text/html", "value": "The vendor provides a firmware update to version 7.40 (or higher) which can be downloaded via the vendor's customer server portal.", "base64": false}]}], "references": [{"url": "https://r.sec-consult.com/imageaccess", "tags": ["third-party-advisory"]}, {"url": "https://www.imageaccess.de/?page=SupportPortal&lang=en", "tags": ["patch"]}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "An unauthenticated attacker can perform an SQL injection by accessing the /class/dbconnect.php\u00a0file and supplying malicious GET parameters. The HTTP GET parameters search, table, field, and value are vulnerable. For example, one SQL injection can be performed on the parameter \"field\" with the UNION keyword.", "supportingMedia": [{"type": "text/html", "value": "<p></p><p></p><div><p></p><div><div><div><div><p>An unauthenticated attacker can perform an SQL injection by accessing the <span style=\"background-color: rgb(253, 253, 253);\">/class/dbconnect.php&nbsp;</span>file and supplying malicious GET parameters. T<span style=\"background-color: rgb(255, 255, 255);\">he HTTP GET parameters search, table, field, and value are vulnerable. For example, one SQL injection can be performed on the parameter \"field\" with the UNION keyword.</span></p></div></div></div></div><div></div><p></p></div><p></p><p></p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-89", "description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')"}]}], "providerMetadata": {"orgId": "551230f0-3615-47bd-b7cc-93e92e730bbf", "shortName": "SEC-VLab", "dateUpdated": "2024-12-12T13:36:34.917Z"}}}, "cveMetadata": {"cveId": "CVE-2024-28145", "state": "PUBLISHED", "dateUpdated": "2025-11-03T21:54:31.104Z", "dateReserved": "2024-03-05T09:15:40.202Z", "assignerOrgId": "551230f0-3615-47bd-b7cc-93e92e730bbf", "datePublished": "2024-12-12T13:36:34.917Z", "assignerShortName": "SEC-VLab"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "An unauthenticated attacker can perform an SQL injection by accessing the /class/dbconnect.php\u00a0file and supplying malicious GET parameters. The HTTP GET parameters search, table, field, and value are vulnerable. For example, one SQL injection can be performed on the parameter \"field\" with the UNION keyword."}, {"lang": "es", "value": "Un atacante no autenticado puede realizar una inyecci\u00f3n SQL accediendo al archivo /class/dbconnect.php y suministrando par\u00e1metros GET maliciosos. Los par\u00e1metros HTTP GET search, table, field y value son vulnerables. Por ejemplo, se puede realizar una inyecci\u00f3n SQL en el par\u00e1metro \"field\" con la palabra clave UNION."}], "id": "CVE-2024-28145", "lastModified": "2025-11-03T22:16:50.503", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 2.5, "impactScore": 3.4, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2024-12-12T14:15:22.467", "references": [{"source": "551230f0-3615-47bd-b7cc-93e92e730bbf", "url": "https://r.sec-consult.com/imageaccess"}, {"source": "551230f0-3615-47bd-b7cc-93e92e730bbf", "url": "https://www.imageaccess.de/?page=SupportPortal&lang=en"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://seclists.org/fulldisclosure/2024/Dec/2"}], "sourceIdentifier": "551230f0-3615-47bd-b7cc-93e92e730bbf", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-89"}], "source": "551230f0-3615-47bd-b7cc-93e92e730bbf", "type": "Secondary"}]}

{}