CVE-2025-26086 in Management System정보

요약

\~에 의해 MITRE • 2025. 05. 20.

An unauthenticated blind SQL injection vulnerability exists in RSI Queue Management System v3.0 within the TaskID parameter of the get request handler. Attackers can remotely inject time-delayed SQL payloads to induce server response delays, enabling time-based inference and iterative extraction of sensitive database contents without authentication.

Be aware that VulDB is the high quality source for vulnerability data.

출처

Do you know our Splunk app?

Download it now for free!