3 matches found
CVE-2022-40202
CVE-2022-40202 affects Delta Electronics InfraSuite Device Master (versions 00.00.01a and prior). The issue is due to unauthenticated deserialization of user-controlled data that allows triggering a backup scheduling function, which can execute arbitrary files/arguments and enable remote code exe...
CVE-2022-40202
The database backup function in Delta Electronics InfraSuite Device Master Versions 00.00.01a and prior lacks proper authentication. An attacker could provide malicious serialized objects which, when deserialized, could activate an opcode for a backup scheduling function without authentication...
Delta Electronics InfraSuite Device Master
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Delta Electronics Equipment: InfraSuite Device Master Vulnerabilities: Deserialization of Untrusted Data, Path Traversal, Missing Authentication for Critical Function 2. UPDATE OR REPOSTED INFORMATION...