{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-30T14:34:20.241","vulnerabilities":[{"cve":{"id":"CVE-2024-29667","sourceIdentifier":"cve@mitre.org","published":"2024-03-29T18:15:08.057","lastModified":"2026-06-17T07:22:56.280","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"SQL Injection vulnerability in Tongtianxing Technology Co., Ltd CMSV6 v.7.31.0.2 through v.7.31.0.3 allows a remote attacker to escalate privileges and obtain sensitive information via the ids parameter."},{"lang":"es","value":"Vulnerabilidad de inyección SQL en Tongtianxing Technology Co., Ltd CMSV6 v.7.31.0.2 a v.7.31.0.3 permite a un atacante remoto escalar privilegios y obtener información confidencial a través del parámetro ids."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","affectedData":[{"vendor":"tongtianxing_technology_co_ltd","product":"cmsv6","defaultStatus":"unknown","cpes":["cpe:2.3:a:tongtianxing_technology_co_ltd:cmsv6:*:*:*:*:*:*:*:*"],"versions":[{"version":"v.7.31.0.2","lessThanOrEqual":"v.7.31.0.3","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-04-01T18:08:31.341530Z","id":"CVE-2024-29667","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-269"}]}],"references":[{"url":"https://github.com/whgojp/cve-reports/wiki/CMSV6-vehicle-monitoring-platform-system-SQL-injection","source":"cve@mitre.org"},{"url":"https://github.com/whgojp/cve-reports/wiki/CMSV6-vehicle-monitoring-platform-system-SQL-injection","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}