CVE-2021-30176

Severity CVSS v4.0:
Pending analysis
Type:
CWE-89 SQL Injection
Publication date:
13/04/2021
Last modified:
14/04/2021

Description

The ZEROF Expert pro/2.0 application for mobile devices allows SQL Injection via the Authorization header to the /v2/devices/add endpoint.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:zerof:expert:2.0:*:*:*:pro:*:*:*