CVE-2023-33366 Information

Description

A SQL injection vulnerability exists in Suprema BioStar 2 before 2.9.1 which allows authenticated users to inject arbitrary SQL directives into an SQL statement and execute arbitrary SQL commands.

Reference

https://claroty.com/team82/disclosure-dashboard/cve-2023-33366 https://kb.supremainc.com/knowledge/doku.php?id=en:release_note_291