Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
deltaww infrasuite device master vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2022-41688
Delta Electronics InfraSuite Device Master versions 00.00.01a and prior lack proper authentication for functions that create and modify user groups. An attacker could provide malicious serialized objects that could run these functions without authentication to create a new user ...
Deltaww Infrasuite Device Master
9.8
CVSSv3
CVE-2022-41657
Delta Electronics InfraSuite Device Master Versions 00.00.01a and prior allow attacker provided data already serialized into memory to be used in file operation application programmable interfaces (APIs). This could create arbitrary files, which could be used in API operations a...
Deltaww Infrasuite Device Master
9.8
CVSSv3
CVE-2023-1133
Delta Electronics InfraSuite Device Master versions before 1.0.5 contain a vulnerability in which the Device-status service listens on port 10100/ UDP by default. The service accepts the unverified UDP packets and deserializes the content, which could allow an unauthenticated mal...
Deltaww Infrasuite Device Master
7.5
CVSSv3
CVE-2023-1138
Delta Electronics InfraSuite Device Master versions before 1.0.5 contain an improper access control vulnerability, which could allow an malicious user to retrieve Gateway configuration files to obtain plaintext credentials.
Deltaww Infrasuite Device Master
9.8
CVSSv3
CVE-2022-38142
Delta Electronics InfraSuite Device Master versions 00.00.01a and prior deserialize user-supplied data provided through the Device-Gateway service port without proper verification. An attacker could provide malicious serialized objects to execute arbitrary code upon deserializat...
Deltaww Infrasuite Device Master
9.8
CVSSv3
CVE-2022-40202
The database backup function in Delta Electronics InfraSuite Device Master Versions 00.00.01a and prior lacks proper authentication. An attacker could provide malicious serialized objects which, when deserialized, could activate an opcode for a backup scheduling function without...
Deltaww Infrasuite Device Master
9.8
CVSSv3
CVE-2023-39226
In Delta Electronics InfraSuite Device Master v.1.0.7, a vulnerability exists that allows an unauthenticated malicious user to execute arbitrary code through a single UDP packet.
Deltaww Infrasuite Device Master 1.0.7
8.8
CVSSv3
CVE-2023-0444
A privilege escalation vulnerability exists in Delta Electronics InfraSuite Device Master 00.00.02a. A default user 'User', which is in the 'Read Only User' group, can view the password of another default user 'Administrator', which is in the 'A...
Deltaww Infrasuite Device Master 00.00.02a
8.8
CVSSv3
CVE-2023-46690
In Delta Electronics InfraSuite Device Master v.1.0.7, a vulnerability exists that allows an malicious user to write to any file to any location of the filesystem, which could lead to remote code execution.
Deltaww Infrasuite Device Master 1.0.7
9.8
CVSSv3
CVE-2023-47207
In Delta Electronics InfraSuite Device Master v.1.0.7, a vulnerability exists that allows an unauthenticated malicious user to execute code with local administrator privileges.
Deltaww Infrasuite Device Master 1.0.7
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-40673
CVE-2024-36674
CVE-2024-27348
unspecified
CVE-2024-24919
CVE-2024-4870
malicious code
CVE-2024-2019
hard-coded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »