Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
deltaww infrasuite device master vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-1140
Delta Electronics InfraSuite Device Master versions before 1.0.5 contain a vulnerability that could allow an malicious user to achieve unauthenticated remote code execution in the context of an administrator.
Deltaww Infrasuite Device Master
NA
CVE-2023-1141
Delta Electronics InfraSuite Device Master versions before 1.0.5 contain a command injection vulnerability that could allow an malicious user to inject arbitrary commands, which could result in remote code execution.
Deltaww Infrasuite Device Master
NA
CVE-2023-1143
In Delta Electronics InfraSuite Device Master versions before 1.0.5, an attacker could use Lua scripts, which could allow an malicious user to remotely execute arbitrary code.
Deltaww Infrasuite Device Master
NA
CVE-2023-1144
Delta Electronics InfraSuite Device Master versions before 1.0.5 contains an improper access control vulnerability in which an attacker can use the Device-Gateway service and bypass authorization, which could result in privilege escalation.
Deltaww Infrasuite Device Master
NA
CVE-2022-41629
Delta Electronics InfraSuite Device Master versions 00.00.01a and prior allow unauthenticated users to access the aprunning endpoint, which could allow an malicious user to retrieve any file from the “RunningConfigs” directory. The attacker could then view and modify...
Deltaww Infrasuite Device Master
NA
CVE-2022-41688
Delta Electronics InfraSuite Device Master versions 00.00.01a and prior lack proper authentication for functions that create and modify user groups. An attacker could provide malicious serialized objects that could run these functions without authentication to create a new user ...
Deltaww Infrasuite Device Master
NA
CVE-2022-41776
Delta Electronics InfraSuite Device Master versions 00.00.01a and prior allow unauthenticated users to trigger the WriteConfiguration method, which could allow an malicious user to provide new values for user configuration files such as UserListInfo.xml. This could lead to the c...
Deltaww Infrasuite Device Master
NA
CVE-2022-38142
Delta Electronics InfraSuite Device Master versions 00.00.01a and prior deserialize user-supplied data provided through the Device-Gateway service port without proper verification. An attacker could provide malicious serialized objects to execute arbitrary code upon deserializat...
Deltaww Infrasuite Device Master
NA
CVE-2023-34316
?An attacker could bypass the latest Delta Electronics InfraSuite Device Master (versions before 1.0.7) patch, which could allow an malicious user to retrieve file contents.
Deltaww Infrasuite Device Master
NA
CVE-2023-34347
?Delta Electronics InfraSuite Device Master versions before 1.0.7 contains classes that cannot be deserialized, which could allow an attack to remotely execute arbitrary code.
Deltaww Infrasuite Device Master
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-30310
CVE-2024-21683
CVE-2024-22187
chrome
deserialization
XPath injection
CVE-2024-27842
denial of service
CVE-2024-24851
google
CVE-2024-35400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »