3851 matches found
Remote code execution
In Delta Electronics InfraSuite Device Master v.1.0.7, a vulnerability exists that allows an attacker to write to any file to any location of the filesystem, which could lead to remote code execution...
Design/Logic Flaw
In Delta Electronics InfraSuite Device Master v.1.0.7, a vulnerability exists that allows an unauthenticated attacker to execute code with local administrator privileges...
Design/Logic Flaw
In Delta Electronics InfraSuite Device Master v.1.0.7, a vulnerability exists that allows an unauthenticated attacker to execute arbitrary code through a single UDP packet...
CVE-2023-47279
Delta Electronics InfraSuite Device Master (version 1.0.7) is affected by CVE-2023-47279, a path traversal-related vulnerability permitting an unauthenticated attacker to disclose user information, obtain plaintext credentials, or perform NTLM relaying through a single UDP packet. This vulnerabil...
CVE-2023-47279 Delta Electronics InfraSuite Device Master Path Traversal
In Delta Electronics InfraSuite Device Master v.1.0.7, A vulnerability exists that allows an unauthenticated attacker to disclose user information through a single UDP packet, obtain plaintext credentials, or perform NTLM relaying...
CVE-2023-47279 Delta Electronics InfraSuite Device Master Path Traversal
In Delta Electronics InfraSuite Device Master v.1.0.7, A vulnerability exists that allows an unauthenticated attacker to disclose user information through a single UDP packet, obtain plaintext credentials, or perform NTLM relaying...
CVE-2023-47207
CVE-2023-47207 is a Deserialization of Untrusted Data vulnerability in Delta Electronics InfraSuite Device Master (v1.0.7 and earlier). An unauthenticated attacker can trigger code execution with local administrator privileges. The issue is part of a set of vulnerabilities affecting InfraSuite De...
CVE-2023-47207 Delta Electronics InfraSuite Device Master Deserialization of Untrusted Data
In Delta Electronics InfraSuite Device Master v.1.0.7, a vulnerability exists that allows an unauthenticated attacker to execute code with local administrator privileges...
CVE-2023-46690 Delta Electronics InfraSuite Device Master Path Traversal
In Delta Electronics InfraSuite Device Master v.1.0.7, a vulnerability exists that allows an attacker to write to any file to any location of the filesystem, which could lead to remote code execution...
CVE-2023-46690
CVE-2023-46690 affects Delta Electronics InfraSuite Device Master (version 1.0.7 and earlier). The vulnerability is a path traversal flaw in the device master that allows an attacker to write to arbitrary files anywhere on the filesystem, potentially enabling remote code execution. Related adviso...
CVE-2023-39226 Delta Electronics InfraSuite Device Master Exposed Dangerous Method Or Function
In Delta Electronics InfraSuite Device Master v.1.0.7, a vulnerability exists that allows an unauthenticated attacker to execute arbitrary code through a single UDP packet...
CVE-2023-39226
Delta Electronics InfraSuite Device Master (v1.0.7 and earlier) is affected by CVE-2023-39226, where an unauthenticated attacker can execute arbitrary code by sending a single UDP packet via the RunScript method (Exposed Dangerous Method or Function). The affected component is the RunScript funct...
CISA Releases Four Industrial Control Systems Advisories
CISA released four Industrial Control Systems ICS advisories on November 30, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-334-01 Delta Electronics DOPSoft ICSA-23-334-02 Yokogawa STARDOM ICSA-23-334-03 PTC...
CVE-2023-46388
LOYTEC electronics GmbH LINX-212 and LINX-151 devices all versions are vulnerable to Insecure Permissions via dpalconfig.zml file. This vulnerability allows remote attackers to disclose smtp client account credentials and bypass email authentication...
Delta Electronics InfraSuite Device Master Device-Gateway Deserialization of Untrusted Data Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics InfraSuite Device Master. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Device-Gateway service, which listens on TCP port 3100 by...
Delta Electronics InfraSuite Device Master Security Vulnerability
Delta Electronics InfraSuite Device Master is a device used to simplify and automate the monitoring of critical equipment from Delta Electronics Taiwan, China. A security vulnerability exists in Delta Electronics InfraSuite Device Master version v.1.0.7 that originates from a vulnerability that...
Delta Electronics InfraSuite Device Master Security Vulnerability
Delta Electronics InfraSuite Device Master is a device used to simplify and automate the monitoring of critical equipment from Delta Electronics Taiwan, China. A security vulnerability exists in Delta Electronics InfraSuite Device Master v.1.0.7 and prior versions, which originated from a...
CVE-2023-46383
LOYTEC electronics GmbH LINX Configurator all versions uses HTTP Basic Authentication, which transmits usernames and passwords in base64-encoded cleartext and allows remote attackers to steal the password and gain full control of Loytec device configuration...
CVE-2023-46385
CVE-2023-46385 affects LOYTEC electronics LINX Configurator (all versions). The vulnerability is caused by insecure permissions: an admin credential is passed as a value in URL parameters without encryption, enabling remote attackers to steal the password and gain full control of Loytec device co...
Delta Electronics InfraSuite Device Master Device-DataCollect Deserialization of Untrusted Data Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics InfraSuite Device Master. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Device-DataCollect service, which listens on TCP port 300...