1. Home
  2. CVE Database
  3. CVE-2017-20195
MEDIUM · 5.5

CVE-2017-20195

A vulnerability was found in LUNAD3v AreaLoad up to 1a1103182ed63a06dde63d1712f3262eda19c3ec. It has been rated as critical. This issue affects some unknown processing of the file request.php. The man...

Vulnerability Description

A vulnerability was found in LUNAD3v AreaLoad up to 1a1103182ed63a06dde63d1712f3262eda19c3ec. It has been rated as critical. This issue affects some unknown processing of the file request.php. The manipulation of the argument phone leads to sql injection. This product does not use versioning. This is why information about affected and unaffected releases are unavailable. The patch is named 264813c546dba03989ac0fc365f2022bf65e3be2. It is recommended to apply a patch to fix this issue.

CVSS Score

5.5

MEDIUM

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
LOW
Integrity
LOW
Availability
LOW

Related Weaknesses (CWE)

CWE-89

References

FAQ

What is CVE-2017-20195?

CVE-2017-20195 is a vulnerability with a CVSS score of 5.5 (MEDIUM). A vulnerability was found in LUNAD3v AreaLoad up to 1a1103182ed63a06dde63d1712f3262eda19c3ec. It has been rated as critical. This issue affects some unknown processing of the file request.php. The man...

How severe is CVE-2017-20195?

CVE-2017-20195 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2017-20195?

Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.