Tpr7308
Monthly
SQL injection in TONNET's E-LAN Hybrid Recording System allows unauthenticated remote attackers to execute arbitrary SQL queries and exfiltrate database contents over the network. The CVSS 4.0 score of 8.7 reflects high confidentiality impact with no required privileges or user interaction, and no public exploit identified at time of analysis. The flaw is reported through TWCERT and affects TONNET's TPR7308 product line per CPE data.
SQL injection in TONNET's E-LAN Hybrid Recording System allows unauthenticated remote attackers to execute arbitrary SQL queries and exfiltrate database contents over the network. The CVSS 4.0 score of 8.7 reflects high confidentiality impact with no required privileges or user interaction, and no public exploit identified at time of analysis. The flaw is reported through TWCERT and affects TONNET's TPR7308 product line per CPE data.