NASA AIT-Core vulnerable to SQL Injection
NASA AIT-Core v2.5.2 was discovered to contain multiple SQL injection vulnerabilities via the query_packets and insert functions.
Advisories for Pypi/Ait-Core package
2024
NASA AIT-Core vulnerable to remote code execution
An issue in the Pickle Python library of NASA AIT-Core v2.5.2 allows attackers to execute arbitrary commands.
NASA AIT-Core vulnerable to remote code execution
An issue in NASA AIT-Core v2.5.2 allows attackers to execute arbitrary code via a crafted packet.
NASA AIT-Core vulnerable to remote code execution
An issue in the API wait function of NASA AIT-Core v2.5.2 allows attackers to execute arbitrary code via supplying a crafted string.
NASA AIT-Core uses unencrypted channels to exchange data over the network
NASA AIT-Core v2.5.2 was discovered to use unencrypted channels to exchange data over the network, allowing attackers to execute a man-in-the-middle attack.