HomePentest-Tools.com Logo

Eyes Of Network (EON) 5.1 < 5.3-3 SQL Injection Vulnerability CVE-2020-9465

Severity
CVSSv3 Score
9.8
Vulnerability description

Eyes Of Network (EON) is prone to an unauthenticated SQL injection vulnerability.

Risk description

The eonweb web interface is prone to an SQL injection, allowing an unauthenticated attacker to perform various tasks such as authentication bypass via the user_id field in a cookie.

Recommendation

Update to version 5.3-3 or later.

Codename
Not available
Detectable with
Network Scanner
Scan engine
OpenVAS
Exploitable with Sniper
No
CVE Published
Feb 28, 2020
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available