Severity: High
CVE ID: CVE-2024-6748
Product name | Affected Version(s) | Fixed Version(s) | Fixed On |
---|---|---|---|
OpManager OpManager Plus OpManager MSP RMM |
From version 128316 to 128317 | 128318 | 19-07-2024 |
From version 128234 to 128266 | 128267 | 22-07-2024 | |
Below version 128186 | 128186 | 24-07-2024 |
Details:
OpManager: The SQL injection vulnerability identified in the URL Monitoring has now been fixed.
Impact:
Using this SQL injection, it was possible to execute custom queries and access the database table entries.
Steps to upgrade:
Source and Acknowledgements
This vulnerability was reported by CrisprXiang, Cokebeer, and LFY.
Kindly contact our product support team for further details, at the below mentioned email address: