Primary

Context

Y'S Corporation STEALTHONE D220/D340 SQL Injection Vulnerability

Vulnerability

Patched

A SQL injection vulnerability has been identified in the STEALTHONE D220 and D340 models, both running firmware through version 6.03.02. This vulnerability allows an attacker with access to the device to retrieve the administrative password for the web management interface.

Impact

Exploitation of this vulnerability enables an attacker to obtain the administrative password for the web management page.

Remediation

Users are advised to update the firmware to the latest version. The updated firmware for the D220 and D340 models is available on the STEALTHONE D Series product page. For the D440 model, firmware version 7.00.11 can be downloaded from the D440 product page.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

5.0

exploitability

7.4

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

5.0

exploitability

7.4

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Y'S Corporation STEALTHONE D220/D340 SQL Injection Vulnerability

Vulnerability

Impact

Remediation

Affected Products

Y'S STEALTHONE D220

Y'S STEALTHONE D340

Y'S STEALTHONE D440

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating