Volerion logoVolerion
Volerion logoVolerion

NetVision Information airPASS SQL Injection Vulnerability

Vulnerability

A SQL injection vulnerability has been identified in the airPASS application by NetVision Information, specifically in versions 2.9.0.x and 3.0.0.x. This vulnerability allows unauthenticated remote attackers to inject arbitrary SQL commands, potentially leading to unauthorized reading, modification, or deletion of database contents.

Impact

Exploitation of this vulnerability allows for arbitrary SQL command injection, enabling attackers to manipulate the application's database. This could result in unauthorized data access, data modification, or data deletion.

Remediation

Users of airPASS version 2.9.0.x should update to version 2.9.0.241231 or later. Users of version 3.0.0.x should update to version 3.0.0.241231 or later. Assistance can be obtained through the application's distributor or directly from the manufacturer.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm
spread
0.3
impact
5.0
exploitability
7.0
remediation
7.7
relevance
0.0
threat
0.0
urgency
2.9
incentive
5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.