2 matches found
CVE-2022-41644
Delta Electronics InfraSuite Device Master versions 00.00.01a and prior lacks authentication for a function that changes group privileges. An attacker could use this to create a denial-of-service state or escalate their own privileges...
CVE-2022-41644
Delta Electronics InfraSuite Device Master (versions 00.00.01a and prior) suffers from Missing Authentication for Critical Function in the Change Group Privileges/ModifyPrivByID pathway, enabling an unauthenticated user to create a denial-of-service state or escalate privileges. This is supported...