module

DIAEnergie SQL Injection (CVE-2024-4548)

Try Surface Command
Back to search
Disclosed
May 6, 2024

Description

SQL injection vulnerability in DIAEnergie This vulnerability can be exploited by an unauthenticated remote attacker to gain arbitrary code execution through a SQL injection vulnerability in the CEBC service. The commands will get executed in the context of NT AUTHORITY\SYSTEM.
Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today