CVE-2024-25530

RuvarOA v6.01 and v12.01 were discovered to contain a SQL injection vulnerability via the PageID parameter at /WebUtility/get_find_condiction.aspx.

CVSS

No CVSS.

References

Link	Resource
https://gist.github.com/Mr-xn/bc8261a5c3e35a72768723acf1da358d#get_find_condictionaspx	Exploit Third Party Advisory
https://gist.github.com/Mr-xn/bc8261a5c3e35a72768723acf1da358d#get_find_condictionaspx	Exploit Third Party Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:ruvar:ruvaroa:12.01:::::::*
	cpe:2.3:a:ruvar:ruvaroa:6.01:::::::*

History

17 Apr 2025, 17:18

Type	Values Removed	Values Added
References	~~() https://gist.github.com/Mr-xn/bc8261a5c3e35a72768723acf1da358d#get_find_condictionaspx -~~	() https://gist.github.com/Mr-xn/bc8261a5c3e35a72768723acf1da358d#get_find_condictionaspx - Exploit, Third Party Advisory
CPE		cpe:2.3:a:ruvar:ruvaroa:12.01:::::::* cpe:2.3:a:ruvar:ruvaroa:6.01:::::::*
First Time		Ruvar ruvaroa Ruvar

08 May 2024, 17:05

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-05-08 16:15

Updated : 2025-04-17 17:18

NVD link : CVE-2024-25530

Mitre link : CVE-2024-25530

JSON object : View

Products Affected

ruvar

CWE

No CWE.