Details of VAR-202012-1627

ID

VAR-202012-1627

TITLE

Shenzhen Kemai Communication Technology Co., Ltd. RAS remote rapid application access solution standard version has SQL injection vulnerabilities

Trust: 0.6

sources: CNVD: CNVD-2020-69033

DESCRIPTION

Shenzhen Kemai Communication Technology Co., Ltd. is a high-tech enterprise in the field of intelligent Internet of Things. Kemai Communications integrates research on Internet of Things technology, intelligent product development and Internet of Things platform services, and is an enterprise with great potential for innovation. Shenzhen Kemai Communication Technology Co., Ltd. RAS remote rapid application access solution standard version has SQL injection vulnerabilities. Attackers can use vulnerabilities to obtain sensitive information in the database.

Trust: 0.6

sources: CNVD: CNVD-2020-69033

IOT TAXONOMY

category:

['IoT']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2020-69033

AFFECTED PRODUCTS

vendor:

kemai communication

model:

ras remote rapid application access program

scope:

version:

Trust: 0.6

sources: CNVD: CNVD-2020-69033

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD:	CNVD-2020-69033
value:	HIGH
Trust: 0.6

CNVD:	CNVD-2020-69033
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:C/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

sources: CNVD: CNVD-2020-69033

EXTERNAL IDS

db:

CNVD

id:

CNVD-2020-69033

Trust: 0.6

sources: CNVD: CNVD-2020-69033

SOURCES

db:

CNVD

id:

CNVD-2020-69033

LAST UPDATE DATE

2022-05-04T10:07:21.016000+00:00

SOURCES UPDATE DATE

db:

CNVD

id:

CNVD-2020-69033

date:

2020-12-04T00:00:00

SOURCES RELEASE DATE

db:

CNVD

id:

CNVD-2020-69033

date:

2020-12-31T00:00:00