The R-SeeNet webpage (1.5.1 through 2.4.10) suffers from SQL injection, which allows a remote attacker to invoke queries on the database and retrieve sensitive information.
Source: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25157
Reference (s):
- https://us-cert.cisa.gov/ics/advisories/icsa-20-289-02
- URL: https://us-cert.cisa.gov/ics/advisories/icsa-20-289-02