CVE-2014-3932
SQL injection vulnerability in the device registration component in wsf/webservice.php in CoSoSys Endpoint Protector 4 4.3.0.4 and 4.4.0.2 allows remote attackers to execute arbitrary SQL commands via unspecified parameters.
Ver en NVDSeveridad
N/A
EPSS
Probabilidad de explotación (próx. 30 días): 0.0029 (0.3%)
Percentil: 52.6%
EPSS: 2026-05-06
Afecta
cososys:endpoint_protectorDescripción técnica
SQL injection vulnerability in the device registration component in wsf/webservice.php in CoSoSys Endpoint Protector 4 4.3.0.4 and 4.4.0.2 allows remote attackers to execute arbitrary SQL commands via unspecified parameters.
Publicada: 2/6/2014, 14:55:03
Última modificación: 6/5/2026, 22:30:45
Referencias
- http://secunia.com/advisories/58878
- https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20140521-CoSoSys_Endpoint_Protector_Multiple_Vulnerabilities_v10_wo_poc.txt
- http://secunia.com/advisories/58878
- https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20140521-CoSoSys_Endpoint_Protector_Multiple_Vulnerabilities_v10_wo_poc.txt