Vulnerabilities > Fit2Cloud > Rackshift

DATE CVE VULNERABILITY TITLE RISK
2023-09-14 CVE-2023-42405 SQL Injection vulnerability in Fit2Cloud Rackshift 1.7.1
SQL injection vulnerability in FIT2CLOUD RackShift v1.7.1 allows attackers to execute arbitrary code via the `sort` parameter to taskService.list(), bareMetalService.list(), and switchService.list().
network
low complexity
fit2cloud CWE-89
critical
9.8