TWCERT/CC Taiwan Computer Emergency Response Team/Coordination Center-ArmorX Global Technology Corporation ArmorX Spam

ArmorX Global Technology Corporation ArmorX Spam - SQL Injectoin

TVN ID	TVN-202312013
CVE ID	CVE-2023-48384
Affected Products	ArmorX Global Technology Corporation ArmorX Spam v8.15.2-2.872.088-1.90.027
Description	ArmorX Global Technology Corporation ArmorX Spam has insufficient validation for user input within a special function. An unauthenticated remote attacker can exploit this vulnerability to inject arbitrary SQL commands to access, modify and delete database.
Solution	Update version to v8.15.2-2.922.096-1.90.033
Credit	Dong-Jie Chen(CHT Security)
Public Date	2023-12-15

ArmorX Global Technology Corporation ArmorX Spam - SQL Injectoin