CVE-2023-3717

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Farmakom Remote Administration Console allows SQL Injection. This issue affects Remote Administration Console: before 1.02.

critical 9.8 CVSS 3.1

Published: Aug 8, 2023

Modified: May 21, 2026

Vendor: Farmakom

Product: Remote Administration Console

Description

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Farmakom Remote Administration Console allows SQL Injection.

This issue affects Remote Administration Console: before 1.02.

References

https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-23-0441
https://www.usom.gov.tr/bildirim/tr-23-0441
https://www.usom.gov.tr/bildirim/tr-23-0441

CVSS Breakdown

Version	3.1
Score	9.8 / 10
Severity	critical

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Weakness (CWE)

CWE-89

Affected Product

Vendor	Farmakom
Product	Remote Administration Console