CVE-2023-3000

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Erikoglu Technology ErMon allows Command Line Execution through SQL Injection, Authentication Bypass. This issue affects ErMon: before 230602.

critical 9.8 CVSS 3.1

Published: Jun 2, 2023

Modified: May 22, 2026

Description

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Erikoglu Technology ErMon allows Command Line Execution through SQL Injection, Authentication Bypass.

This issue affects ErMon: before 230602.

References

https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-23-0315
https://www.usom.gov.tr/bildirim/tr-23-0315
https://www.usom.gov.tr/bildirim/tr-23-0315

CVSS Breakdown

Version	3.1
Score	9.8 / 10
Severity	critical

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Weakness (CWE)

CWE-89

Affected Product

Vendor	Erikogluteknoloji
Product	Energy Monitoring