CVE-2021-42334 HIGH

CVE-2021-42334: Huachu Digital Technology Co.,Ltd. Easytest - SQL Injection-2

Vendor Huachu Digital Technology Co.,Ltd.

Product Easytest

Weakness CWE-89 · SQLi

Published October 15, 2021

Last update September 16, 2024

View on NVD All CVEs

CVSS base score

8.8/10

Attack vector Network

Attack complexity Low

Privileges required Low

User interaction None

Confidentiality High

Integrity High

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

What the vulnerability does

01Description

The Easytest contains SQL injection vulnerabilities. After obtaining a user’s privilege, remote attackers can inject SQL commands into the parameters of the elective course management page to obtain all database and administrator permissions.

Key dates

02Disclosure timeline

October 15, 2021 CVE published

September 16, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2021-42334 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/89.html

Related vulnerabilities

CVE-2021-42334: Huachu Digital Technology Co.,Ltd. Easytest - SQL Injection-2

01Description

02Disclosure timeline

03References

04Related CVE