Primary

Context

Hydrosystem Control System SQL Injection Vulnerability

Vulnerability

A SQL injection vulnerability has been identified in Hydrosystem Control System, affecting all versions prior to 9.8.5. This vulnerability allows authenticated attackers to inject arbitrary SQL commands into most scripts and input parameters. The lack of protective measures could lead to full control over the database.

Impact

Exploitation of this vulnerability could allow an authenticated attacker to execute arbitrary SQL commands, potentially leading to unauthorized data access or manipulation, and in some cases, executing commands on the server.

Remediation

Users can upgrade to Hydrosystem Control System version 9.8.5 or later to address this vulnerability.

Added: Apr 9, 2026, 11:03 AM

Updated: Apr 9, 2026, 11:03 AM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

3.1

exploitability

4.9

remediation

0.0

relevance

5.5

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

3.1

exploitability

4.9

remediation

0.0

relevance

5.5

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Hydrosystem Control System SQL Injection Vulnerability

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating