Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
deltaww infrasuite device master vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2023-30765
?Delta Electronics InfraSuite Device Master versions before 1.0.7 contain improper access controls that could allow an malicious user to alter privilege management configurations, resulting in privilege escalation.
Deltaww Infrasuite Device Master
1 Github repository
7.5
CVSSv3
CVE-2023-34316
?An attacker could bypass the latest Delta Electronics InfraSuite Device Master (versions before 1.0.7) patch, which could allow an malicious user to retrieve file contents.
Deltaww Infrasuite Device Master
9.1
CVSSv3
CVE-2022-41629
Delta Electronics InfraSuite Device Master versions 00.00.01a and prior allow unauthenticated users to access the aprunning endpoint, which could allow an malicious user to retrieve any file from the “RunningConfigs” directory. The attacker could then view and modify...
Deltaww Infrasuite Device Master
8.8
CVSSv3
CVE-2022-41644
Delta Electronics InfraSuite Device Master versions 00.00.01a and prior lacks authentication for a function that changes group privileges. An attacker could use this to create a denial-of-service state or escalate their own privileges.
Deltaww Infrasuite Device Master
7.5
CVSSv3
CVE-2022-41688
Delta Electronics InfraSuite Device Master versions 00.00.01a and prior lack proper authentication for functions that create and modify user groups. An attacker could provide malicious serialized objects that could run these functions without authentication to create a new user ...
Deltaww Infrasuite Device Master
9.8
CVSSv3
CVE-2023-1133
Delta Electronics InfraSuite Device Master versions before 1.0.5 contain a vulnerability in which the Device-status service listens on port 10100/ UDP by default. The service accepts the unverified UDP packets and deserializes the content, which could allow an unauthenticated mal...
Deltaww Infrasuite Device Master
8.8
CVSSv3
CVE-2023-0444
A privilege escalation vulnerability exists in Delta Electronics InfraSuite Device Master 00.00.02a. A default user 'User', which is in the 'Read Only User' group, can view the password of another default user 'Administrator', which is in the 'A...
Deltaww Infrasuite Device Master 00.00.02a
8.8
CVSSv3
CVE-2023-46690
In Delta Electronics InfraSuite Device Master v.1.0.7, a vulnerability exists that allows an malicious user to write to any file to any location of the filesystem, which could lead to remote code execution.
Deltaww Infrasuite Device Master 1.0.7
7.5
CVSSv3
CVE-2023-47279
In Delta Electronics InfraSuite Device Master v.1.0.7, A vulnerability exists that allows an unauthenticated malicious user to disclose user information through a single UDP packet, obtain plaintext credentials, or perform NTLM relaying.
Deltaww Infrasuite Device Master 1.0.7
9.8
CVSSv3
CVE-2023-47207
In Delta Electronics InfraSuite Device Master v.1.0.7, a vulnerability exists that allows an unauthenticated malicious user to execute code with local administrator privileges.
Deltaww Infrasuite Device Master 1.0.7
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
cross-site scripting
CVE-2024-5158
XML external entity
CVE-2024-4262
CVE-2024-2036
CVE-2024-4985
CVE-2024-21791
remote attackers
CVE-2023-43208
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »