Vulnerabilities > Connectwise > Automate API

DATE CVE VULNERABILITY TITLE RISK
2020-06-15 CVE-2020-14159 SQL Injection vulnerability in Connectwise Automate API
By using an Automate API in ConnectWise Automate before 2020.5.178, a remote authenticated user could execute commands and/or modifications within an individual Automate instance by triggering an SQL injection vulnerability in /LabTech/agent.aspx.
network
low complexity
connectwise CWE-89
6.5