Vulnerabilities > Untangle > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-11-14 | CVE-2019-18647 | Command Injection vulnerability in Untangle NG Firewall 14.2.0 The Untangle NG firewall 14.2.0 is vulnerable to an authenticated command injection when logged in as an admin user. | 7.2 |
| 2019-11-14 | CVE-2019-18646 | SQL Injection vulnerability in Untangle NG Firewall 14.2.0 The Untangle NG firewall 14.2.0 is vulnerable to authenticated inline-query SQL injection within the timeDataDynamicColumn parameter when logged in as an admin user. | 7.2 |