Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
deltaww infrasuite device master vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-1138
Delta Electronics InfraSuite Device Master versions before 1.0.5 contain an improper access control vulnerability, which could allow an malicious user to retrieve Gateway configuration files to obtain plaintext credentials.
Deltaww Infrasuite Device Master
NA
CVE-2023-1139
Delta Electronics InfraSuite Device Master versions before 1.0.5 are affected by a deserialization vulnerability targeting the Device-gateway service, which could allow deserialization of requests prior to authentication, resulting in remote code execution.
Deltaww Infrasuite Device Master
NA
CVE-2023-1140
Delta Electronics InfraSuite Device Master versions before 1.0.5 contain a vulnerability that could allow an malicious user to achieve unauthenticated remote code execution in the context of an administrator.
Deltaww Infrasuite Device Master
NA
CVE-2023-1141
Delta Electronics InfraSuite Device Master versions before 1.0.5 contain a command injection vulnerability that could allow an malicious user to inject arbitrary commands, which could result in remote code execution.
Deltaww Infrasuite Device Master
NA
CVE-2023-1142
In Delta Electronics InfraSuite Device Master versions before 1.0.5, an attacker could use URL decoding to retrieve system files, credentials, and bypass authentication resulting in privilege escalation.
Deltaww Infrasuite Device Master
NA
CVE-2023-1143
In Delta Electronics InfraSuite Device Master versions before 1.0.5, an attacker could use Lua scripts, which could allow an malicious user to remotely execute arbitrary code.
Deltaww Infrasuite Device Master
NA
CVE-2023-1144
Delta Electronics InfraSuite Device Master versions before 1.0.5 contains an improper access control vulnerability in which an attacker can use the Device-Gateway service and bypass authorization, which could result in privilege escalation.
Deltaww Infrasuite Device Master
NA
CVE-2023-1145
Delta Electronics InfraSuite Device Master versions before 1.0.5 are affected by a deserialization vulnerability targeting the Device-DataCollect service, which could allow deserialization of requests prior to authentication, resulting in remote code execution.
Deltaww Infrasuite Device Master
NA
CVE-2023-1133
Delta Electronics InfraSuite Device Master versions before 1.0.5 contain a vulnerability in which the Device-status service listens on port 10100/ UDP by default. The service accepts the unverified UDP packets and deserializes the content, which could allow an unauthenticated mal...
Deltaww Infrasuite Device Master
NA
CVE-2022-38142
Delta Electronics InfraSuite Device Master versions 00.00.01a and prior deserialize user-supplied data provided through the Device-Gateway service port without proper verification. An attacker could provide malicious serialized objects to execute arbitrary code upon deserializat...
Deltaww Infrasuite Device Master
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »