Lucene search
IcscertCVELIST:CVE-2022-41772HistoryOct 31, 2022 - 7:26 p.m.
CVE-2022-41772
2022-10-3119:26:33
CWE-22
icscert
www.cve.org
3
delta electronics
infrasuite device
zip
path traversal
remote code execution
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
10
Confidence
High
EPSS
0.004
Percentile
73.0%
Delta Electronics InfraSuite Device Master Versions 00.00.01a and prior mishandle .ZIP archives containing characters used in path traversal. This path traversal could result in remote code execution.
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "InfraSuite Device Master",
"vendor": "Delta Electronics",
"versions": [
{
"lessThanOrEqual": "00.00.01a",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
]Related
nvd
nvd
CVE-2022-41772
2022-10-31 20:15:13
prion
prion
Path traversal
2022-10-31 20:15:00
cve
cve
CVE-2022-41772
2022-10-31 20:15:13
zdi
zdi
ics
ics
Delta Electronics InfraSuite Device Master (Update A)
2023-01-18 12:00:00
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
10
Confidence
High
EPSS
0.004
Percentile
73.0%
Related for CVELIST:CVE-2022-41772