CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

22 matches found

RedhatCVE•added 2025/05/23 2:58 a.m.•3 views

CVE-2023-1133

Delta Electronics InfraSuite Device Master versions prior to 1.0.5 contain a vulnerability in which the Device-status service listens on port 10100/ UDP by default. The service accepts the unverified UDP packets and deserializes the content, which could allow an unauthenticated attacker to remote...

9.8CVSS7.4AI score0.86107EPSS

Exploits3References1

RedhatCVE•added 2025/05/23 2:33 a.m.•2 views

CVE-2023-1137

Delta Electronics InfraSuite Device Master versions prior to 1.0.5 contain a vulnerability in which a low-level user could extract files and plaintext credentials of administrator users, resulting in privilege escalation...

8.8CVSS6.8AI score0.00176EPSS

Exploits0References1

OSV•added 2023/11/30 11:15 p.m.•2 views

CVE-2023-47279

In Delta Electronics InfraSuite Device Master v.1.0.7, A vulnerability exists that allows an unauthenticated attacker to disclose user information through a single UDP packet, obtain plaintext credentials, or perform NTLM relaying...

7.5CVSS5.7AI score

Exploits0References1

OSV•added 2023/11/30 10:15 p.m.•1 views

CVE-2023-47207

In Delta Electronics InfraSuite Device Master v.1.0.7, a vulnerability exists that allows an unauthenticated attacker to execute code with local administrator privileges...

9.8CVSS5.9AI score0.02136EPSS

Exploits0References1

OSV•added 2023/07/10 7:15 p.m.•1 views

CVE-2023-34347

Delta Electronics InfraSuite Device Master versions prior to 1.0.7 contains classes that cannot be deserialized, which could allow an attack to remotely execute arbitrary code...

9.8CVSS6AI score

Exploits0References1

BDU FSTEC•added 2023/04/17 12:0 a.m.•0 views

The vulnerability of the Delta Electronics InfraSuite Device Master software in monitoring devices in real time, due to insufficient validation of input data, allows attackers to exploit their privileges.

The vulnerability of the Delta Electronics InfraSuite Device Master software for real-time device monitoring is related to insufficient validation of input data. Exploiting this vulnerability can allow a remote attacker to gain increased privileges...

10CVSS0.00454EPSS

Exploits0References3Affected Software1

OSV•added 2023/03/27 3:15 p.m.•2 views

CVE-2023-1145

Delta Electronics InfraSuite Device Master versions prior to 1.0.5 are affected by a deserialization vulnerability targeting the Device-DataCollect service, which could allow deserialization of requests prior to authentication, resulting in remote code execution...

7.8CVSS7.6AI score0.00192EPSS

Exploits0References1

OSV•added 2023/03/27 3:15 p.m.•2 views

CVE-2023-1144

Delta Electronics InfraSuite Device Master versions prior to 1.0.5 contains an improper access control vulnerability in which an attacker can use the Device-Gateway service and bypass authorization, which could result in privilege escalation...

8.8CVSS7.3AI score0.00222EPSS

Exploits0References1

OSV•added 2023/03/27 3:15 p.m.•1 views

CVE-2023-1135

In Delta Electronics InfraSuite Device Master versions prior to 1.0.5, an attacker could set incorrect directory permissions, which could result in local privilege escalation...

7.8CVSS7.1AI score

Exploits0References1

CNNVD•added 2023/03/27 12:0 a.m.•1 views

Delta Electronics InfraSuite Device Master 安全漏洞

Delta Electronics InfraSuite Device Master is Delta Electronics' device for simplifying and automating critical equipment monitoring. An Access Control Error vulnerability exists in Delta Electronics InfraSuite Device Master versions prior to 1.0.5, which can be exploited by an attacker to cause ...

8.8CVSS7.1AI score0.00222EPSS

Exploits0References2

CNNVD•added 2023/03/27 12:0 a.m.•4 views

Delta Electronics InfraSuite Device Master 安全漏洞

Delta Electronics InfraSuite Device Master is Delta Electronics' device for simplifying and automating critical equipment monitoring. An Access Control Error vulnerability exists in Delta Electronics InfraSuite Device Master prior to version 1.0.5, which can be exploited by an attacker to retriev...

7.5CVSS6.8AI score0.00208EPSS

Exploits0References2

CNNVD•added 2023/03/27 12:0 a.m.•1 views

Delta Electronics InfraSuite Device Master 安全漏洞

8.8CVSS7.1AI score0.00176EPSS

Exploits0References2

CNNVD•added 2023/03/27 12:0 a.m.•2 views

Delta Electronics InfraSuite Device Master 代码问题漏洞

Delta Electronics InfraSuite Device Master is a device for simplifying and automating the monitoring of critical equipment from Delta Electronics of Taiwan, China. A deserialization vulnerability exists in Delta Electronics InfraSuite Device Master versions prior to 1.0.5, which can be exploited ...

8.8CVSS7AI score0.01114EPSS

Exploits0References2

The Hacker News•added 2023/03/22 1:9 p.m.•2 views

CISA Alerts on Critical Security Vulnerabilities in Industrial Control Systems

The U.S. Cybersecurity and Infrastructure Security Agency CISA has released eight Industrial Control Systems ICS advisories on Tuesday, warning of critical flaws affecting equipment from Delta Electronics and Rockwell Automation. This includes 13 security vulnerabilities in Delta Electronics'...

9.8CVSS9.1AI score0.86107EPSS

Exploits3

OSV•added 2022/10/31 8:15 p.m.•0 views

CVE-2022-41776

Delta Electronics InfraSuite Device Master versions 00.00.01a and prior allow unauthenticated users to trigger the WriteConfiguration method, which could allow an attacker to provide new values for user configuration files such as UserListInfo.xml. This could lead to the changing of administrativ...

7.5CVSS5.8AI score

Exploits0References1

OSV•added 2022/10/31 8:15 p.m.•2 views

CVE-2022-41629

Delta Electronics InfraSuite Device Master versions 00.00.01a and prior allow unauthenticated users to access the aprunning endpoint, which could allow an attacker to retrieve any file from the “RunningConfigs” directory. The attacker could then view and modify configuration files such as...

9.1CVSS5.8AI score0.00261EPSS

Exploits0References1

OSV•added 2022/10/31 8:15 p.m.•1 views

CVE-2022-41688

Delta Electronics InfraSuite Device Master versions 00.00.01a and prior lack proper authentication for functions that create and modify user groups. An attacker could provide malicious serialized objects that could run these functions without authentication to create a new user and add them to th...

7.5CVSS5.8AI score0.00218EPSS

Exploits0References1

OSV•added 2022/10/31 8:15 p.m.•2 views

CVE-2022-41657

Delta Electronics InfraSuite Device Master Versions 00.00.01a and prior allow attacker provided data already serialized into memory to be used in file operation application programmable interfaces APIs. This could create arbitrary files, which could be used in API operations and could ultimately...

9.8CVSS6.1AI score0.0347EPSS

Exploits0References1

OSV•added 2022/10/31 8:15 p.m.•2 views

CVE-2022-38142

Delta Electronics InfraSuite Device Master versions 00.00.01a and prior deserialize user-supplied data provided through the Device-Gateway service port without proper verification. An attacker could provide malicious serialized objects to execute arbitrary code upon deserialization...

9.8CVSS6.1AI score

Exploits0References1

Positive Technologies•added 2022/10/27 12:0 a.m.•3 views

PT-2022-26063 · Delta Electronics · Infrasuite Device Master

Name of the Vulnerable Software and Affected Versions: Delta Electronics InfraSuite Device Master versions 00.00.01a and prior Description: The issue concerns the mishandling of .ZIP archives containing characters used in path traversal, which could result in remote code execution. This path...

9.8CVSS9.7AI score0.03468EPSS

Exploits0References4

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by