Home

Description

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Megatek Communication System Azora Wireless Network Management allows SQL Injection.This issue affects Azora Wireless Network Management: through 20250916.  NOTE: The vendor did not inform about the completion of the fixing process within the specified time. The CVE will be updated when new information becomes available.

PUBLISHED Reserved 2024-12-24 | Published 2025-09-16 | Updated 2025-09-23 | Assigner TR-CERT




HIGH: 8.8CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Problem types

CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Product status

Default status
affected

Any version
affected

Credits

Cihan Mehmet DOĞAN finder

Berk IMRAN analyst

Kaan ATMACA analyst

Secure Future Bilgi Teknolojileri sponsor

References

www.usom.gov.tr/bildirim/tr-25-0253

cve.org (CVE-2024-12913)

nvd.nist.gov (CVE-2024-12913)

Download JSON