4 matches found
CVE-2022-41657
Delta Electronics InfraSuite Device Master Versions 00.00.01a and prior allow attacker provided data already serialized into memory to be used in file operation application programmable interfaces APIs. This could create arbitrary files, which could be used in API operations and could ultimately...
CVE-2022-41657
Delta Electronics InfraSuite Device Master (versions 00.00.01a and earlier) is affected by multiple CVEs describing an in-memory deserialization/vector issue in file operation APIs that can lead to arbitrary file creation and remote code execution. ZDI advisories for CtrlLayerNWCmd_FileOperation ...
CVE-2022-41657
Delta Electronics InfraSuite Device Master Versions 00.00.01a and prior allow attacker provided data already serialized into memory to be used in file operation application programmable interfaces APIs. This could create arbitrary files, which could be used in API operations and could ultimately...
Delta Electronics InfraSuite Device Master
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Delta Electronics Equipment: InfraSuite Device Master Vulnerabilities: Deserialization of Untrusted Data, Path Traversal, Missing Authentication for Critical Function 2. UPDATE OR REPOSTED INFORMATION...