Delta Industrial Automationβs DIAEnergy, an industrial energy management system, is vulnerable to CWE-798, Use of Hard-coded Credentials. Versions prior to
1.9.03.009
have this vulnerability. Executable files could be uploaded to certain directories using hard-coded bearer authorization, allowing remote code execution.
CPE | Name | Operator | Version |
---|---|---|---|
diaenergie | lt | 1.9.03.009 |