Lucene search
China National Vulnerability DatabaseCNVD-2022-36031HistoryMay 05, 2022 - 12:00 a.m.
Delta Electronics DIAEnergie SQL Injection Vulnerability (CNVD-2022-36031)
2022-05-0500:00:00
China National Vulnerability Database
www.cnvd.org.cn
12
delta electronics diaenergie
industrial energy management
sql injection
vulnerability
handlerchart.ashx
arbitrary sql queries
database content
system commands
energy efficiency
EPSS
0.001
Percentile
49.3%
Delta Electronics DIAEnergie is an industrial energy management system used to monitor and analyze energy consumption in real time, calculate energy consumption and load characteristics, optimize equipment performance, improve production processes, and maximize energy efficiency. A SQL injection vulnerability exists, which stems from a blind SQ injection in HandlerChart.ashx. The vulnerability can be exploited to inject arbitrary SQL queries, retrieve and modify database content, and execute system commands.
Related
cvelist
cvelist
CVE-2022-1366
2022-05-02 18:01:09
prion
prion
Sql injection
2022-05-02 18:15:00
nvd
nvd
CVE-2022-1366
2022-05-02 18:15:07
cve
cve
CVE-2022-1366
2022-05-02 18:15:07
checkpoint_advisories
checkpoint_advisories
Delta Electronics DIAEnergie SQL Injection (CVE-2022-1366)
2022-10-31 00:00:00
ics
ics
Delta Electronics DIAEnergie (Update C)
2022-08-02 12:00:00