Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/02/06 12:41 a.m.11 views

CVE-2022-3214

Delta Industrial Automation's DIAEnergy, an industrial energy management system, is vulnerable to CWE-798, Use of Hard-coded Credentials. Versions prior to 1.9.03.009 have this vulnerability. Executable files could be uploaded to certain directories using hard-coded bearer authorization, allowing...

9.8CVSS7.6AI score0.01488EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2024/02/08 12:0 a.m.52 views

Delta Electronics DIAEnergie Hard-coded JWT Key (CVE-2022-3214)

Binary data deltaelectronicsdiaenergiecve-2022-3214.nbin...

9.8CVSS9.6AI score0.01488EPSS
Exploits0References2
Amazon
Amazon
added 2022/10/21 12:0 a.m.33 views

Important: golang-github-gorilla-context

Issue Overview: 2023-05-11: CVE-2022-1996 has changed status to NOT AFFECTED for this package and has been removed from this advisory. A flaw was found in golang. The HTTP/1 client accepted invalid Transfer-Encoding headers indicating "chunked" encoding. This issue could allow request smuggling,...

9.3CVSS8.4AI score0.0995EPSS
Exploits7
ICS
ICS
added 2022/09/19 6:0 a.m.63 views

Delta Electronics DIAEnergie

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/Low attack complexity Vendor: Delta Electronics Equipment: DIAEnergie Vulnerabilities: Use of Hard-coded Credentials 2. UPDATE OR REPOSTED INFORMATION This updated advisory is a follow-up to the original advisory titled...

9.8CVSS10AI score0.01488EPSS
Exploits0References8
CVE
CVE
added 2022/09/16 6:5 p.m.90 views

CVE-2022-3214

CVE-2022-3214 affects Delta Electronics DIAEnergie. Vulnerable in DIAEnergie before version 1.9.03.009 due to CWE-798 hard-coded credentials; an unauthenticated attacker could upload executables via a hard-coded bearer authorization, enabling remote code execution. CVSS v3.1 base score 9.8 (Netwo...

9.8CVSS7.8AI score0.01488EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder