EUVD-2026-20886

ID: EUVD-2026-20886

Severity: high

CVSS v4: 8.7 (CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N)

CVSS v3: Not provided

CWE: None listed

Source: ENISA

Description

Hydrosystem Control System is vulnerable to SQL Injection across most scripts and input parameters. Because no protections are in place, an authenticated attacker can inject arbitrary SQL commands, potentially gaining full control over the database.This issue was fixed in Hydrosystem Control System version 9.8.5

Timestamps

Normalized: 2026-04-09T11:01:29Z UTC
Last updated: 2026-04-09T11:01:29Z UTC

References

No references provided.

VulnAI

EUVD-2026-20886

Description

Timestamps

References