⚠ Actively exploited in ransomware campaigns
This vulnerability is on the CISA Known Exploited Vulnerabilities list and has been used in known ransomware attacks. CISA required action: The impacted product is end-of-life and should be disconnected if still in use.. Due date: 2022-04-18.
CVE-2021-20028 — SQL Injection in SMA 210 Firmware
Severity
9.8CRITICALNVD
EPSS
80.6%
top 0.86%
CISA KEV
KEVRansomware
Added 2022-03-28
Due 2022-04-18
Exploit
Exploited in wild
Active exploitation observed
Affected products
Timeline
PublishedAug 4
KEV addedMar 28
KEV dueApr 18
Latest updateMay 24
CISA Required Action: The impacted product is end-of-life and should be disconnected if still in use.
Description
Improper neutralization of a SQL Command leading to SQL Injection vulnerability impacting end-of-life Secure Remote Access (SRA) products, specifically the SRA appliances running all 8.x firmware and 9.0.0.9-26sv or earlier
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9
Affected Packages7 packages
🔴Vulnerability Details
3GHSA▶
GHSA-2gf8-x72h-g57r: ** UNSUPPORTED WHEN ASSIGNED ** Improper neutralization of a SQL Command leading to SQL Injection vulnerability impacting end-of-life Secure Remote Ac↗2022-05-24
CVEList▶
CVE-2021-20028: Improper neutralization of a SQL Command leading to SQL Injection vulnerability impacting end-of-life Secure Remote Access (SRA) products, specificall↗2021-08-04