CVE-2022-26338
CVE-2022-26338 affects Delta Electronics DIAEnergie. A blind SQL injection in DIAE_hierarchyHandler.ashx/HandlerPageP_KID.ashx (prior to 1.8.02.004) can enable arbitrary SQL execution, data retrieval/modification, and command execution. Mitigation: upgrade to 1.9 or later; apply network isolation...