Lucene search
K

295 matches found

ICS
ICS
added 2024/10/29 6:0 a.m.25 views

Delta Electronics InfraSuite Device Master

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION : Exploitable remotely/low attack complexity Vendor : Delta Electronics Equipment : InfraSuite Device Master Vulnerability : Deserialization of Untrusted Data 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an...

9.8CVSS8.5AI score0.177EPSS
Exploits0References10
Cvelist
Cvelist
added 2024/08/13 12:33 p.m.27 views

CVE-2024-38502 Pepperl+Fuchs: Device Master ICDM-RX/* XSS vulnerability allows stored XSS

An unauthenticated remote attacker may use stored XSS vulnerability to obtain information from a user or reboot the affected device once...

7.1CVSS0.00318EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/08/13 12:33 p.m.30 views

CVE-2024-38502 Pepperl+Fuchs: Device Master ICDM-RX/* XSS vulnerability allows stored XSS

An unauthenticated remote attacker may use stored XSS vulnerability to obtain information from a user or reboot the affected device once...

7.1CVSS5.9AI score0.00318EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/08/13 12:32 p.m.38 views

CVE-2024-5849 Pepperl+Fuchs: Device Master ICDM-RX/* XSS vulnerability allows reflected XSS

An unauthenticated remote attacker may use a reflected XSS vulnerability to obtain information from a user or reboot the affected device once...

7.1CVSS0.00355EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2024/05/13 12:0 a.m.38 views

Delta Electronics InfraSuite Device Master ActiveMQ Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics InfraSuite Device Master. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Apache ActiveMQ broker, which listens on TCP port 61616 b...

9.8CVSS7.7AI score0.99654EPSS
Exploits31References1
ICS
ICS
added 2024/05/09 6:0 a.m.63 views

Delta Electronics InfraSuite Device Master

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION : Exploitable remotely/low attack complexity Vendor : Delta Electronics Equipment : InfraSuite Device Master Vulnerability : Deserialization of Untrusted Data 2. RISK EVALUATION Successful exploitation of this vulnerability could allow remote...

10CVSS10AI score0.99654EPSS
Exploits31References10
BDU FSTEC
BDU FSTEC
added 2024/03/05 12:0 a.m.6 views

The vulnerability of the Delta Electronics InfraSuite Device Master software in monitoring devices in real time, due to deficiencies in the deserialization mechanism, allows a perpetrator to execute arbitrary code.

The vulnerability of the Delta Electronics InfraSuite Device Master software for real-time device monitoring is related to deficiencies in the deserialization mechanism. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

10CVSS8.2AI score0.00951EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/12/15 12:0 a.m.10 views

The vulnerability of the Delta Electronics InfraSuite Device Master software for real-time device monitoring lies in its ability to restore unreliable data in memory, allowing an attacker to execute commands with local administrator privileges.

The vulnerability of the Delta Electronics InfraSuite Device Master software for real-time device monitoring lies in the recovery of unreliable data in memory. Exploiting this vulnerability allows a remote attacker to execute code with local administrator privileges...

10CVSS8AI score0.16573EPSS
Exploits0References6Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/12/14 12:0 a.m.9 views

The vulnerability of the Delta Electronics InfraSuite Device Master software in monitoring devices in real time arises from an incorrect limitation on the path name to the restricted access catalog. This allows a perpetrator to write to any file anywhere within the file system.

The vulnerability of the Delta Electronics InfraSuite Device Master software for real-time device monitoring exists due to an incorrect restriction on the path name to the restricted catalog. Exploiting this vulnerability allows a malicious actor to write to any file anywhere within the file syst...

9CVSS7.6AI score0.0153EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/12/06 12:0 a.m.9 views

The vulnerability of the Delta Electronics InfraSuite Device Master software for real-time device monitoring lies in improper restrictions on path names in the catalog. This allows attackers to disclose user information, obtain login credentials in plain text, or perform NTLM relay attacks.

The vulnerability of the Delta Electronics InfraSuite Device Master software for real-time device monitoring is related to an incorrect limitation on the path name to the catalog. Exploiting this vulnerability can allow a malicious actor to disclose user information, obtain login credentials in...

7.8CVSS7.2AI score0.01118EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/12/06 12:0 a.m.5 views

The vulnerability of the Delta Electronics InfraSuite Device Master software in real-time monitoring of devices, related to the use of dangerous methods or functions, allows a perpetrator to execute arbitrary codes.

The vulnerability of the Delta Electronics InfraSuite Device Master software for real-time device monitoring is related to the use of dangerous methods or functions. Exploiting this vulnerability allows a remote attacker to execute arbitrary code using a specially crafted UDP packet...

10CVSS8.2AI score0.01175EPSS
Exploits0References6Affected Software1
Prion
Prion
added 2023/11/30 11:15 p.m.15 views

Design/Logic Flaw

In Delta Electronics InfraSuite Device Master v.1.0.7, A vulnerability exists that allows an unauthenticated attacker to disclose user information through a single UDP packet, obtain plaintext credentials, or perform NTLM relaying...

5CVSS6.8AI score0.01118EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2023/11/30 10:15 p.m.6 views

CVE-2023-46690

In Delta Electronics InfraSuite Device Master v.1.0.7, a vulnerability exists that allows an attacker to write to any file to any location of the filesystem, which could lead to remote code execution...

8.8CVSS6.1AI score0.0153EPSS
Exploits0References1
OSV
OSV
added 2023/11/30 10:15 p.m.3 views

CVE-2023-39226

In Delta Electronics InfraSuite Device Master v.1.0.7, a vulnerability exists that allows an unauthenticated attacker to execute arbitrary code through a single UDP packet...

9.8CVSS6.1AI score0.01175EPSS
Exploits0References1
NVD
NVD
added 2023/11/30 10:15 p.m.20 views

CVE-2023-39226

In Delta Electronics InfraSuite Device Master v.1.0.7, a vulnerability exists that allows an unauthenticated attacker to execute arbitrary code through a single UDP packet...

9.8CVSS0.01175EPSS
Exploits0References1
Prion
Prion
added 2023/11/30 10:15 p.m.17 views

Design/Logic Flaw

In Delta Electronics InfraSuite Device Master v.1.0.7, a vulnerability exists that allows an unauthenticated attacker to execute arbitrary code through a single UDP packet...

7.5CVSS8.1AI score0.01175EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2023/11/30 10:15 p.m.26 views

Remote code execution

In Delta Electronics InfraSuite Device Master v.1.0.7, a vulnerability exists that allows an attacker to write to any file to any location of the filesystem, which could lead to remote code execution...

6.5CVSS7.9AI score0.0153EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2023/11/30 10:15 p.m.18 views

Design/Logic Flaw

In Delta Electronics InfraSuite Device Master v.1.0.7, a vulnerability exists that allows an unauthenticated attacker to execute code with local administrator privileges...

7.5CVSS7.5AI score0.16573EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/11/30 10:12 p.m.64 views

CVE-2023-47279

Delta Electronics InfraSuite Device Master (version 1.0.7) is affected by CVE-2023-47279, a path traversal-related vulnerability permitting an unauthenticated attacker to disclose user information, obtain plaintext credentials, or perform NTLM relaying through a single UDP packet. This vulnerabil...

7.5CVSS7.5AI score0.01118EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/11/30 10:9 p.m.21 views

CVE-2023-47207 Delta Electronics InfraSuite Device Master Deserialization of Untrusted Data

In Delta Electronics InfraSuite Device Master v.1.0.7, a vulnerability exists that allows an unauthenticated attacker to execute code with local administrator privileges...

9.8CVSS9.6AI score0.16573EPSS
Exploits0References1
Rows per page
Query Builder