Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
deltaww infrasuite device master vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-1137
Delta Electronics InfraSuite Device Master versions before 1.0.5 contain a vulnerability in which a low-level user could extract files and plaintext credentials of administrator users, resulting in privilege escalation.
Deltaww Infrasuite Device Master
NA
CVE-2023-1138
Delta Electronics InfraSuite Device Master versions before 1.0.5 contain an improper access control vulnerability, which could allow an malicious user to retrieve Gateway configuration files to obtain plaintext credentials.
Deltaww Infrasuite Device Master
NA
CVE-2023-1140
Delta Electronics InfraSuite Device Master versions before 1.0.5 contain a vulnerability that could allow an malicious user to achieve unauthenticated remote code execution in the context of an administrator.
Deltaww Infrasuite Device Master
NA
CVE-2023-1141
Delta Electronics InfraSuite Device Master versions before 1.0.5 contain a command injection vulnerability that could allow an malicious user to inject arbitrary commands, which could result in remote code execution.
Deltaww Infrasuite Device Master
NA
CVE-2023-1143
In Delta Electronics InfraSuite Device Master versions before 1.0.5, an attacker could use Lua scripts, which could allow an malicious user to remotely execute arbitrary code.
Deltaww Infrasuite Device Master
NA
CVE-2023-1144
Delta Electronics InfraSuite Device Master versions before 1.0.5 contains an improper access control vulnerability in which an attacker can use the Device-Gateway service and bypass authorization, which could result in privilege escalation.
Deltaww Infrasuite Device Master
NA
CVE-2023-1145
Delta Electronics InfraSuite Device Master versions before 1.0.5 are affected by a deserialization vulnerability targeting the Device-DataCollect service, which could allow deserialization of requests prior to authentication, resulting in remote code execution.
Deltaww Infrasuite Device Master
NA
CVE-2023-34316
?An attacker could bypass the latest Delta Electronics InfraSuite Device Master (versions before 1.0.7) patch, which could allow an malicious user to retrieve file contents.
Deltaww Infrasuite Device Master
NA
CVE-2023-34347
?Delta Electronics InfraSuite Device Master versions before 1.0.7 contains classes that cannot be deserialized, which could allow an attack to remotely execute arbitrary code.
Deltaww Infrasuite Device Master
NA
CVE-2023-30765
?Delta Electronics InfraSuite Device Master versions before 1.0.7 contain improper access controls that could allow an malicious user to alter privilege management configurations, resulting in privilege escalation.
Deltaww Infrasuite Device Master
1 Github repository
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
log injection
CVE-2024-37079
type confusion
CVE-2024-32943
CVE-2024-30103
CVE-2024-37350
arbitrary code
CVE-2024-6189
CVE-2024-6225
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »