Delta Electronics DIALink versions 1.2.4.0 and prior is vulnerable to cross-site scripting because an authenticated attacker can inject arbitrary JavaScript code into the parameter deviceName of the API modbusWriter-Reader, which may allow an malicious user to remotely execute code.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
deltaww dialink |