Lucene search
K

3858 matches found

CNVD
CNVD
added 2024/05/22 12:0 a.m.7 views

TOTOLINK X5000R pid parameter command injection vulnerability

The TOTOLINK X5000R is a router from China's Gion Electronics TOTOLINK. A command injection vulnerability exists in the TOTOLINK X5000R pid parameter, which originates from the pid parameter of /cgi-bin/cstecgi.cgi failing to properly filter construct command special characters, commands, etc. An...

8.8CVSS7.4AI score0.09253EPSS
Exploits1References1
CNVD
CNVD
added 2024/05/22 12:0 a.m.6 views

TOTOLINK X5000R password parameter command injection vulnerability

The TOTOLINK X5000R is a router from China's Gion Electronics TOTOLINK. A command injection vulnerability exists in the TOTOLINK X5000R password parameter, which originates from the password parameter of /cgi-bin/cstecgi.cgi failing to properly filter constructed command special characters,...

8CVSS7.6AI score0.01831EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
added 2024/05/13 12:0 a.m.23 views

Delta Electronics CNCSoft-B DOPSoft Uncontrolled Search Path Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics CNCSoft-B. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8CVSS7.2AI score0.0039EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2024/05/13 12:0 a.m.38 views

Delta Electronics InfraSuite Device Master ActiveMQ Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics InfraSuite Device Master. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Apache ActiveMQ broker, which listens on TCP port 61616 b...

9.8CVSS7.7AI score0.99654EPSS
Exploits31References1
CNVD
CNVD
added 2024/05/10 12:0 a.m.7 views

Delta Electronics DIAEnergie SQL Injection Vulnerability (CNVD-2024-29663)

Delta Electronics DIAEnergie is an industrial energy management system from Delta Electronics, Taiwan, China, for monitoring and analyzing energy consumption in real time, calculating energy consumption and load characteristics, optimizing equipment performance, improving production processes and...

9.8CVSS7.6AI score0.29425EPSS
Exploits5References1
CNVD
CNVD
added 2024/05/10 12:0 a.m.21 views

Delta Electronics DIAEnergie Denial of Service Vulnerability

Delta Electronics DIAEnergie is an industrial energy management system from Delta Electronics, Taiwan, China. A denial of service vulnerability exists in Delta Electronics DIAEnergie, which originates from CEBC.exe restarting the system when processing ICS Restart messages. An attacker could...

7.5CVSS6.6AI score0.01109EPSS
Exploits1References1
CISA
CISA
added 2024/05/09 12:0 p.m.7 views

CISA Releases Four Industrial Control Systems Advisories

CISA released four Industrial Control Systems ICS advisories on May 09, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-130-01 Rockwell Automation FactoryTalk Historian SE ICSA-24-130-02 alpitronic Hypercharge...

7AI score
Exploits0References4
ICS
ICS
added 2024/05/09 6:0 a.m.62 views

Delta Electronics InfraSuite Device Master

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION : Exploitable remotely/low attack complexity Vendor : Delta Electronics Equipment : InfraSuite Device Master Vulnerability : Deserialization of Untrusted Data 2. RISK EVALUATION Successful exploitation of this vulnerability could allow remote...

10CVSS10AI score0.99654EPSS
Exploits31References10
CNVD
CNVD
added 2024/05/09 12:0 a.m.3 views

Delta Electronics CNCSoft-G2 Buffer Overflow Vulnerability

Delta Electronics CNCSoft is a CNC machine simulation system software from Delta Electronics Taiwan, China. A buffer overflow vulnerability exists in Delta Electronics CNCSoft-G2, which stems from a lack of proper validation of the length of user-supplied data before copying it into a stack-based...

7.8CVSS7.1AI score0.00322EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/05/08 12:0 a.m.3 views

TOTOLINK EX1800T 安全漏洞

TOTOLINK EX1800T is a Wi-Fi range extender from China Gion Electronics TOTOLINK. A security vulnerability exists in TOTOLINK EX1800T version V9.1.0cu.2112B20220316, which stems from a security issue in the apcliEncrypType parameter that allows unauthorized execution of arbitrary commands, which...

9.8CVSS7AI score0.03848EPSS
Exploits1References2
CNVD
CNVD
added 2024/05/07 12:0 a.m.6 views

Delta Electronics DIAEnergie SQL Injection Vulnerability

Delta Electronics DIAEnergie is an industrial energy management system from Delta Electronics, Taiwan, China. A SQL injection vulnerability exists in Delta Electronics DIAEnergie. An attacker can use this vulnerability to view, add, modify, or delete information in the back-end database...

9.8CVSS7.5AI score0.01895EPSS
Exploits1References1
OSV
OSV
added 2024/05/06 2:15 p.m.1 views

CVE-2024-4547

A SQLi vulnerability exists in Delta Electronics DIAEnergie v1.10.1.8610 and prior when CEBC.exe processes a 'RecalculateScript' message, which is splitted into 4 fields using the '' character as the separator. An unauthenticated remote attacker can perform SQLi via the fourth field...

9.8CVSS5.8AI score
Exploits0References1
NVD
NVD
added 2024/05/06 2:15 p.m.16 views

CVE-2024-4549

A denial of service vulnerability exists in Delta Electronics DIAEnergie v1.10.1.8610 and prior. When processing an 'ICS Restart!' message, CEBC.exe restarts the system...

7.5CVSS7.4AI score0.01109EPSS
Exploits1References1
OSV
OSV
added 2024/05/06 2:15 p.m.4 views

CVE-2024-4548

An SQLi vulnerability exists in Delta Electronics DIAEnergie v1.10.1.8610 and prior when CEBC.exe processes a 'RecalculateHDMWYC' message, which is split into 4 fields using the '' character as the separator. An unauthenticated remote attacker can perform SQLi via the fourth field...

9.8CVSS5.8AI score0.29425EPSS
Exploits5References1
NVD
NVD
added 2024/05/06 2:15 p.m.35 views

CVE-2024-4548

An SQLi vulnerability exists in Delta Electronics DIAEnergie v1.10.1.8610 and prior when CEBC.exe processes a 'RecalculateHDMWYC' message, which is split into 4 fields using the '' character as the separator. An unauthenticated remote attacker can perform SQLi via the fourth field...

9.8CVSS9.6AI score0.29425EPSS
Exploits5References1
NVD
NVD
added 2024/05/06 2:15 p.m.14 views

CVE-2024-4547

A SQLi vulnerability exists in Delta Electronics DIAEnergie v1.10.1.8610 and prior when CEBC.exe processes a 'RecalculateScript' message, which is splitted into 4 fields using the '' character as the separator. An unauthenticated remote attacker can perform SQLi via the fourth field...

9.8CVSS9.6AI score0.01895EPSS
Exploits1References1
OSV
OSV
added 2024/05/06 2:15 p.m.4 views

CVE-2024-4549

A denial of service vulnerability exists in Delta Electronics DIAEnergie v1.10.1.8610 and prior. When processing an 'ICS Restart!' message, CEBC.exe restarts the system...

7.5CVSS5.8AI score0.01109EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2024/05/06 1:54 p.m.18 views

CVE-2024-4549 Delta Electronics DIAEnergie SQL Injection

A denial of service vulnerability exists in Delta Electronics DIAEnergie v1.10.1.8610 and prior. When processing an 'ICS Restart!' message, CEBC.exe restarts the system...

7.5CVSS6.8AI score0.01109EPSS
Exploits1References1
CVE
CVE
added 2024/05/06 1:54 p.m.60 views

CVE-2024-4549

CVE-2024-4549 is a denial-of-service vulnerability in Delta Electronics DIAEnergie (v1.10.1.8610 and earlier). When processing an ICS Restart! message, CEBC.exe restarts the system, enabling an external attacker to cause a DoS. CVSSv3.1 base metrics: 7.5 (HIGH), AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:...

7.5CVSS6.7AI score0.01109EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2024/05/06 1:54 p.m.17 views

CVE-2024-4549 Delta Electronics DIAEnergie SQL Injection

A denial of service vulnerability exists in Delta Electronics DIAEnergie v1.10.1.8610 and prior. When processing an 'ICS Restart!' message, CEBC.exe restarts the system...

7.5CVSS7.5AI score0.01109EPSS
Exploits1References1
Rows per page
Query Builder