CyberSec.Space Logo
Back to CVE Browser

CVE-2015-6028

HIGH
8.8
CVSS Severity Score
EPSS Score0.1130%
EPSS Percentile23.28th
PublishedApr 10, 2017
Last ModifiedMay 13, 2026

Vulnerability Description

Castle Rock Computing SNMPc before 2015-12-17 has SQL injection via the sc parameter.

Affected Platforms (CPE)

📦
Castlerock

Snmpc

= 9.0
📦
Castlerock

Snmpc

= 12.1

References & Advisories

🔗 https://community.rapid7.com/community/infosec/blog/2015/12/16/multiple-disclosures-for-multiple-network-management-systems
🔗 https://community.rapid7.com/community/infosec/blog/2015/12/16/multiple-disclosures-for-multiple-network-management-systems

Related Vulnerabilities

CVE-2008-221410.0

Stack-based buffer overflow in the Network Manager in Castle Rock Computing SNMPc 7.1 and earlier allows remote attackers to cause...

CVE-2003-074510.0

SNMPc 6.0.8 and earlier performs authentication to the server on the client side, which allows remote attackers to gain privileges...

CVE-2020-115538.8

An issue was discovered in Castle Rock SNMPc Online 12.10.10 before 2020-01-28. There is pervasive CSRF.

CVE-2019-134947.8

nodeimp.exe in Castle Rock SNMPc before 9.0.12.1 and 10.x before 10.0.9 has a stack-based buffer overflow via a long variable stri...