| Description: | | Beijing acrel Energy Management Co., Ltd. is a wholly-owned subsidiary of acrel Electric Co., LTD. The headquarters, acrel Electric Co., LTD., was established in 2003 and integrates R-D, production, sales and service. It is a high-tech joint-stock enterprise that provides energy efficiency management and power safety solutions for enterprise microgrids. There is an SQL injection vulnerability in the getmonitorrealdata interface of acrel Intelligent Environmental Protection Cloud Platform. Attackers can inject malicious SQL statements by constructing malicious request parameters, leading to database information leakage, data tampering, and even system privilege escalation, which affects the security and integrity of system data. |