VideoInsight created a new version that fixes a SQL injection vulnerability in its web client, according to a report with ICS-CERT.
Web Client Version 220.127.116.11 and previous versions suffer from the remotely exploitable vulnerability. Researcher, Juan Pablo Lopez Yacubian, reported this vulnerability and has tested the patch.
A successful exploit of this vulnerability could allow an attacker to execute arbitrary commands on the target system.
An attacker could have a low skill level to exploit this vulnerability.
The SQL Injection vulnerability could allow remote code execution.
CVE-2017-5151 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 7.3.
Click here to download the latest Version 18.104.22.168.