Check Point Reference: |
CPAI-2024-0208 |
Date Published: |
30 Apr 2024 |
Severity: |
Medium
|
Last Updated: |
Tuesday 30 April, 2024 |
Source: |
|
Industry Reference: | CVE-2024-23975
|
Protection Provided by: |
Security Gateway R81, R80, R77, R75 |
Who is Vulnerable? | Delta Electronics DIAEnergie prior to 1.10.00.005 |
Vulnerability Description |
An SQL injection vulnerability exists for Delta Industrial Automation DIAEnergie. This vulnerability is due to improper input validation in the GetDIAE_slogListParameters component.Successfully exploiting these vulnerabilities could result in SQL injection or, in the worst case, remote code execution in the context of MSSQLSERVER. |