Intrusion Prevention

Ecava.IntegraXor.igmgr.DLL.getdata.SQL.Injection

Description

This indicates an attack attempt to exploit a SQL Injection vulnerability in Ecava IntegraXor.
The vulnerability is due to insufficient sanitizing of user supplied inputs in the application when handling a crafted HTTP request. A remote attacker can exploit this to send a crafted query to execute SQL commands on a vulnerable server.

Affected Products

Ecava IntegraXor IGX 5.2.1231.0

Impact

System Compromise: Remote attackers can access or modify data in the database of the affected application

Recommended Actions

Upgrade to the latest version available from the website.
https://www.integraxor.com/download-scada/

CVE References

CVE-2017-6050