Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
deltaww infrasuite device master vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-1133
Delta Electronics InfraSuite Device Master versions before 1.0.5 contain a vulnerability in which the Device-status service listens on port 10100/ UDP by default. The service accepts the unverified UDP packets and deserializes the content, which could allow an unauthenticated mal...
Deltaww Infrasuite Device Master
NA
CVE-2022-41657
Delta Electronics InfraSuite Device Master Versions 00.00.01a and prior allow attacker provided data already serialized into memory to be used in file operation application programmable interfaces (APIs). This could create arbitrary files, which could be used in API operations a...
Deltaww Infrasuite Device Master
NA
CVE-2022-38142
Delta Electronics InfraSuite Device Master versions 00.00.01a and prior deserialize user-supplied data provided through the Device-Gateway service port without proper verification. An attacker could provide malicious serialized objects to execute arbitrary code upon deserializat...
Deltaww Infrasuite Device Master
NA
CVE-2023-30765
?Delta Electronics InfraSuite Device Master versions before 1.0.7 contain improper access controls that could allow an malicious user to alter privilege management configurations, resulting in privilege escalation.
Deltaww Infrasuite Device Master
1 Github repository
NA
CVE-2022-41629
Delta Electronics InfraSuite Device Master versions 00.00.01a and prior allow unauthenticated users to access the aprunning endpoint, which could allow an malicious user to retrieve any file from the “RunningConfigs” directory. The attacker could then view and modify...
Deltaww Infrasuite Device Master
NA
CVE-2022-41644
Delta Electronics InfraSuite Device Master versions 00.00.01a and prior lacks authentication for a function that changes group privileges. An attacker could use this to create a denial-of-service state or escalate their own privileges.
Deltaww Infrasuite Device Master
NA
CVE-2023-34316
?An attacker could bypass the latest Delta Electronics InfraSuite Device Master (versions before 1.0.7) patch, which could allow an malicious user to retrieve file contents.
Deltaww Infrasuite Device Master
NA
CVE-2023-34347
?Delta Electronics InfraSuite Device Master versions before 1.0.7 contains classes that cannot be deserialized, which could allow an attack to remotely execute arbitrary code.
Deltaww Infrasuite Device Master
NA
CVE-2023-1134
Delta Electronics InfraSuite Device Master versions before 1.0.5 are affected by a path traversal vulnerability, which could allow an malicious user to read local files, disclose plaintext credentials, and escalate privileges.
Deltaww Infrasuite Device Master
NA
CVE-2023-1135
In Delta Electronics InfraSuite Device Master versions before 1.0.5, an attacker could set incorrect directory permissions, which could result in local privilege escalation.
Deltaww Infrasuite Device Master
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
CVE-2023-38506
CVE-2024-37198
CVE-2023-45197
CVE-2024-38621
CVE-2024-30103
elevation of privilege
CVE-2024-0044
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »