2020-03-27 03:50:26
twcert
PUBLISHED
UltraLog Express device management interface does not properly filter user inputted string in some specific parameters, attackers can inject arbitrary SQL command.