CVE advisoryCRITICAL
CVE-2023-5047
Attacker can steal sensitive data or take control of DRD DRDrive systems
Halo Surface Signal: 5 out of 5 — more likely to be public-facing.
A critical SQL injection flaw in DRD's DRDrive software allows unauthenticated attackers to steal or modify sensitive data. This is a serious concern because the vulnerability is easily exploitable over the internet.