Vulnerabilities > Fidelissecurity > Deception > 9.3.3

DATE CVE VULNERABILITY TITLE RISK
2021-06-25 CVE-2021-35048 SQL Injection vulnerability in Fidelissecurity Deception and Network
Vulnerability in Fidelis Network and Deception CommandPost enables unauthenticated SQL injection through the web interface.
network
low complexity
fidelissecurity CWE-89
critical
 9.8
9.8
2021-06-25 CVE-2021-35049 OS Command Injection vulnerability in Fidelissecurity Deception and Network
Vulnerability in Fidelis Network and Deception CommandPost enables authenticated command injection through the web interface.
network
low complexity
fidelissecurity CWE-78
8.8
8.8