जमा करें #835656: New H3C Technologies Co., Ltd. H3C SecPath F1000-C8300 Series Firewall latest CWE-89 (SQL Injection)जानकारी

शीर्षकNew H3C Technologies Co., Ltd. H3C SecPath F1000-C8300 Series Firewall latest CWE-89 (SQL Injection)
विवरणA Critical unauthenticated SQL injection vulnerability has been identified in the H3C Security Product Management Platform used by the H3C SecPath F1000-C8300 Series Firewall. The vulnerability exists in the /webui/?g=log_fw_nbc_mail_jsondata interface. The subject parameter is not properly validated or filtered before being used in backend SQL queries, allowing a remote attacker to inject malicious SQL statements. Successful exploitation may allow an unauthenticated attacker to obtain database privileges, enumerate database tables, extract sensitive information, and potentially modify backend data. This may further affect the confidentiality, integrity, and availability of the firewall management platform.
स्रोत⚠️ https://ucn9h68n9289.feishu.cn/docx/WCbgdWyJKoibcZxdsuMcUGKSnpf?from=from_copylink
उपयोगकर्ता
 bigbrother_man (UID 96003)
सबमिशन22/05/2026 10:16 AM (2 महीनों पहले)
संयम15/07/2026 09:19 PM (2 months later)
स्थितिस्वीकृत
VulDB प्रविष्टि379367 [H3C SecPath F1000-C8300 तक 20260522 ?g=log_fw_nbc_mail_jsondata subject SQL इंजेक्शन]
अंक20

Want to know what is going to be exploited?

We predict KEV entries!