Lucene search
HistoryOct 31, 2022 - 8:15 p.m.
CVE-2022-41772
delta electronics
infrasuite device master
zip archive
path traversal
remote code execution
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
0.004
Percentile
73.0%
Delta Electronics InfraSuite Device Master Versions 00.00.01a and prior mishandle .ZIP archives containing characters used in path traversal. This path traversal could result in remote code execution.
Affected configurations
Node
deltawwinfrasuite_device_masterRange<00.00.02a
| Vendor | Product | Version | CPE |
|---|---|---|---|
| deltaww | infrasuite_device_master | * | cpe:2.3:a:deltaww:infrasuite_device_master:*:*:*:*:*:*:*:* |
Related
cve
cve
CVE-2022-41772
2022-10-31 20:15:13
prion
prion
Path traversal
2022-10-31 20:15:00
cvelist
cvelist
CVE-2022-41772
2022-10-31 19:26:33
zdi
zdi
ics
ics
Delta Electronics InfraSuite Device Master (Update A)
2023-01-18 12:00:00
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
0.004
Percentile
73.0%
Related for NVD:CVE-2022-41772