Icx500 Firmware
CVE-2025-64092
HIGH
Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Lifecycle Timeline
2DescriptionCVE.org
This vulnerability allows unauthenticated attackers to inject an SQL request into GET request parameters and directly query the underlying database.
AnalysisAI
This vulnerability allows unauthenticated attackers to inject an SQL request into GET request parameters and directly query the underlying database. [CVSS 7.5 HIGH]
Technical ContextAI
Classified as CWE-89 (SQL Injection). Affects Icx500 Firmware. This vulnerability allows unauthenticated attackers to inject an SQL request into GET request parameters and directly query the underlying database.
RemediationAI
Monitor vendor advisories for a patch. Use parameterized queries. Implement input validation. Restrict network access to the affected service where possible.
More in Icx500 Firmware
View allSame weakness CWE-89 – SQL Injection
View allShare
External POC / Exploit Code
Leaving vuln.today