Skip to main content

Sysguard 6001

2 CVEs product

Monthly

CVE-2026-8403 MEDIUM PATCH This Month

Stored cross-site scripting in SYSGUARD 6001 (versions 2.0.2 through before 6.1.4.0) by Eksagate Electronic Engineering and Computer Industry Trade Inc. permits remote unauthenticated attackers to inject persistent malicious scripts into the product's web interface, which execute in the browsers of any user who subsequently views the affected page. The vendor has confirmed the product is end-of-life and unsupported, meaning no patch will ever be issued, leaving all in-scope deployments permanently vulnerable. No public exploit code or CISA KEV listing exists at time of analysis.

XSS Sysguard 6001
NVD
CVSS 3.1
6.1
EPSS
0.1%
CVE-2026-8402 CRITICAL PATCH Act Now

Blind SQL injection in Eksagate SYSGUARD 6001 (versions 2.0.2 up to but not including 6.1.16.0) lets remote unauthenticated attackers inject crafted SQL through improperly neutralized input, enabling extraction or manipulation of backend database contents. The CVSS 3.1 vector (AV:N/AC:L/PR:N/UI:N) rates it 9.8 Critical with full confidentiality, integrity, and availability impact. No public exploit has been identified at time of analysis, but the vendor has confirmed the product is no longer supported, so no fix will be issued for affected branches.

SQLi Sysguard 6001
NVD VulDB
CVSS 3.1
9.8
EPSS
0.3%
EPSS 0% CVSS 6.1
MEDIUM PATCH This Month

Stored cross-site scripting in SYSGUARD 6001 (versions 2.0.2 through before 6.1.4.0) by Eksagate Electronic Engineering and Computer Industry Trade Inc. permits remote unauthenticated attackers to inject persistent malicious scripts into the product's web interface, which execute in the browsers of any user who subsequently views the affected page. The vendor has confirmed the product is end-of-life and unsupported, meaning no patch will ever be issued, leaving all in-scope deployments permanently vulnerable. No public exploit code or CISA KEV listing exists at time of analysis.

XSS Sysguard 6001
NVD
EPSS 0% CVSS 9.8
CRITICAL PATCH Act Now

Blind SQL injection in Eksagate SYSGUARD 6001 (versions 2.0.2 up to but not including 6.1.16.0) lets remote unauthenticated attackers inject crafted SQL through improperly neutralized input, enabling extraction or manipulation of backend database contents. The CVSS 3.1 vector (AV:N/AC:L/PR:N/UI:N) rates it 9.8 Critical with full confidentiality, integrity, and availability impact. No public exploit has been identified at time of analysis, but the vendor has confirmed the product is no longer supported, so no fix will be issued for affected branches.

SQLi Sysguard 6001
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy