Popular:
Virtualization DNS security formal verification reachability analysis compiler errors macro conflict web extension development framework Bitmap Graphics API inconsistencies All Tags

Critical Apache Traffic Control Vulnerability Allows Malicious SQL Injection

2024-12-30

A critical vulnerability (CVE-2024-45387) has been discovered in Apache Traffic Control versions 8.0.0 and 8.0.1. This flaw allows attackers with privileged roles like "admin" or "operations" to inject malicious SQL commands via crafted PUT requests. By manipulating database interaction input fields, attackers can execute SQL queries compromising the entire database, leading to unauthorized data access, modification, or deletion. This severely impacts the integrity and availability of CDN services. Security experts urge immediate updates to protect against SQL injection attacks.

(www.scworld.com)
Tech SQL Injection