Security Advisory

CVE-2025-29980

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-03-20 19:03:05

Last updated 2025-04-07 20:37:39

Assigner cisa-cg

State PUBLISHED

Description

A SQL injection issue has been discovered in eTRAKiT.net release 3.2.1.77. Due to improper input validation, a remote unauthenticated attacker can run arbitrary commands as the current MS SQL server account. It is recommended that the CRM feature is turned off while on eTRAKiT.net release 3.2.1.77. eTRAKiT.Net is no longer supported, and users are recommended to migrate to the latest version of CentralSquare Community Development.

← Browse all CVEs View on cve.org ↗