Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
deltaww infrasuite device master vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-30765
?Delta Electronics InfraSuite Device Master versions before 1.0.7 contain improper access controls that could allow an malicious user to alter privilege management configurations, resulting in privilege escalation.
Deltaww Infrasuite Device Master
1 Github repository
NA
CVE-2022-41657
Delta Electronics InfraSuite Device Master Versions 00.00.01a and prior allow attacker provided data already serialized into memory to be used in file operation application programmable interfaces (APIs). This could create arbitrary files, which could be used in API operations a...
Deltaww Infrasuite Device Master
NA
CVE-2022-41772
Delta Electronics InfraSuite Device Master Versions 00.00.01a and prior mishandle .ZIP archives containing characters used in path traversal. This path traversal could result in remote code execution.
Deltaww Infrasuite Device Master
NA
CVE-2022-41644
Delta Electronics InfraSuite Device Master versions 00.00.01a and prior lacks authentication for a function that changes group privileges. An attacker could use this to create a denial-of-service state or escalate their own privileges.
Deltaww Infrasuite Device Master
NA
CVE-2023-1134
Delta Electronics InfraSuite Device Master versions before 1.0.5 are affected by a path traversal vulnerability, which could allow an malicious user to read local files, disclose plaintext credentials, and escalate privileges.
Deltaww Infrasuite Device Master
NA
CVE-2023-1135
In Delta Electronics InfraSuite Device Master versions before 1.0.5, an attacker could set incorrect directory permissions, which could result in local privilege escalation.
Deltaww Infrasuite Device Master
NA
CVE-2023-1136
In Delta Electronics InfraSuite Device Master versions before 1.0.5, an unauthenticated attacker could generate a valid token, which would lead to authentication bypass.
Deltaww Infrasuite Device Master
NA
CVE-2023-1137
Delta Electronics InfraSuite Device Master versions before 1.0.5 contain a vulnerability in which a low-level user could extract files and plaintext credentials of administrator users, resulting in privilege escalation.
Deltaww Infrasuite Device Master
NA
CVE-2023-1138
Delta Electronics InfraSuite Device Master versions before 1.0.5 contain an improper access control vulnerability, which could allow an malicious user to retrieve Gateway configuration files to obtain plaintext credentials.
Deltaww Infrasuite Device Master
NA
CVE-2023-1139
Delta Electronics InfraSuite Device Master versions before 1.0.5 are affected by a deserialization vulnerability targeting the Device-gateway service, which could allow deserialization of requests prior to authentication, resulting in remote code execution.
Deltaww Infrasuite Device Master
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-30310
CVE-2024-21683
CVE-2024-22187
chrome
deserialization
XPath injection
CVE-2024-27842
denial of service
CVE-2024-24851
google
CVE-2024-35400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »