The vulnerability of the Delta Electronics InfraSuite Device Master software in monitoring devices in real time lies in the lack of authentication for a critical function, allowing a perpetrator to execute arbitrary code.

The vulnerability of the Delta Electronics InfraSuite Device Master software for real-time device monitoring lies in the lack of authentication for critical functions. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

Delta Electronics InfraSuite Device Master 访问控制错误漏洞

Delta Electronics InfraSuite Device Master is Delta Electronics' device for simplifying and automating critical equipment monitoring. An authentication error vulnerability exists in Delta Electronics InfraSuite Device Master versions prior to 1.0.5, which can be exploited by an attacker to achiev...

TOTOLINK A7100RU Command Injection Vulnerability (CNVD-2023-51676)

The TOTOLINK A7100RU is a wireless router from China's Gion Electronics TOTOLINK. The TOTOLINK A7100RU suffers from a command injection vulnerability that stems from the enabled parameter of cgi-bin/cstecgi.cgi failing to properly filter constructed command special characters, commands, etc., whi...

CISA Alerts on Critical Security Vulnerabilities in Industrial Control Systems

The U.S. Cybersecurity and Infrastructure Security Agency CISA has released eight Industrial Control Systems ICS advisories on Tuesday, warning of critical flaws affecting equipment from Delta Electronics and Rockwell Automation. This includes 13 security vulnerabilities in Delta Electronics'...

CISA Alerts on Critical Security Vulnerabilities in Industrial Control Systems

The U.S. Cybersecurity and Infrastructure Security Agency CISA has released eight Industrial Control Systems ICS advisories on Tuesday, warning of critical flaws affecting equipment from Delta Electronics and Rockwell Automation. This includes 13 security vulnerabilities in Delta Electronics'...

PT-2023-2196 · Delta Electronics · Infrasuite Device Master

Name of the Vulnerable Software and Affected Versions: Delta Electronics InfraSuite Device Master versions prior to 1.0.5 Description: The issue is related to a deserialization vulnerability in the Device-gateway service, which could allow deserialization of requests prior to authentication,...

PT-2023-2320 · Delta Electronics · Infrasuite Device Master

Name of the Vulnerable Software and Affected Versions: Delta Electronics InfraSuite Device Master versions prior to 1.0.5 Description: The issue is related to errors in code generation, allowing an attacker to remotely execute arbitrary code by running Lua scripts. This could enable an attacker t...

PT-2023-2353 · Delta Electronics · Infrasuite Device Master

Name of the Vulnerable Software and Affected Versions: Delta Electronics InfraSuite Device Master versions prior to 1.0.5 Description: The issue is related to a path traversal vulnerability, which could allow an attacker to read local files, disclose plaintext credentials, and escalate privileges...

PT-2023-2188 · Delta Electronics · Infrasuite Device Master

Name of the Vulnerable Software and Affected Versions: Delta Electronics InfraSuite Device Master versions prior to 1.0.5 Description: The issue is related to a deserialization vulnerability in the Device-DataCollect service, which could allow deserialization of requests prior to authentication,...

PT-2023-2322 · Delta Electronics · Infrasuite Device Master

Name of the Vulnerable Software and Affected Versions: Delta Electronics InfraSuite Device Master versions prior to 1.0.5 Description: The issue is related to improper access control, which could allow an attacker to retrieve Gateway configuration files and obtain plaintext credentials. This coul...

PT-2023-2324 · Delta Electronics · Infrasuite Device Master

Name of the Vulnerable Software and Affected Versions: Delta Electronics InfraSuite Device Master versions prior to 1.0.5 Description: The issue is related to the installation of incorrect directory permissions, which could allow an attacker to escalate their privileges locally. Recommendations:...

PT-2023-1954 · Delta Electronics · Infrasuite Device Master

Name of the Vulnerable Software and Affected Versions: Delta Electronics InfraSuite Device Master versions prior to 1.0.5 Description: The issue is related to a lack of authentication for a critical function, which could allow an attacker to achieve unauthenticated remote code execution in the...

PT-2023-2346 · Delta Electronics · Infrasuite Device Master

Name of the Vulnerable Software and Affected Versions: Delta Electronics InfraSuite Device Master versions prior to 1.0.5 Description: The issue is related to insufficient input validation in the Delta Electronics InfraSuite Device Master software, which could allow an unauthenticated attacker to...

PT-2023-2345 · Delta Electronics · Infrasuite Device Master

Name of the Vulnerable Software and Affected Versions: Delta Electronics InfraSuite Device Master versions prior to 1.0.5 Description: The issue is related to insufficient authorization mechanisms in the Device-Gateway service of the Delta Electronics InfraSuite Device Master software. This can b...

The vulnerability of the Malformed File Handler component in the DOPSoft software, which is used for programming operator panels of Delta Electronics, allows a hacker to execute arbitrary code.

The vulnerability of the Malformed File Handler component in DOPSoft software, which is used for programming operator panels by Delta Electronics, relates to writing beyond the buffer boundaries. Exploiting this vulnerability could allow an attacker to execute arbitrary code using a specially...

The vulnerability of the lform/net_diagnose component of Delta Electronics’ DX-2100-L1-CN microprogramming system allows a hacker to execute arbitrary commands.

The vulnerability of the lform/netdiagnose component of Delta Electronics’ DX-2100-L1-CN router software exists due to the lack of measures taken to neutralize the special elements used in the operating system commands. Exploiting this vulnerability allows a remote attacker to execute arbitrary...

The vulnerability of the web configuration service of Delta Electronics DX-2100-L1-CN microprogrammed router software allows a hacker to execute arbitrary code.

The vulnerability of the web configuration service of Delta Electronics DX-2100-L1-CN microprogrammed router software exists due to the lack of measures taken to protect the web page structure. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability of the DOPSoft software, designed for programming operator panels of Delta Electronics, arises from buffer overflows in the stack. This allows an attacker to execute arbitrary code.

The vulnerability of the DOPSoft software, designed for programming operator panels by Delta Electronics, is due to buffer overflow on the stack. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially crafted file...

CVE-2022-45551

An issue discovered in Shenzhen Zhiboton Electronics ZBT WE1626 Router v 21.06.18 allows attackers to escalate privileges via WGET command to the Network Diagnosis endpoint...

CVE-2022-45552

An Insecure Permissions vulnerability in Shenzhen Zhiboton Electronics ZBT WE1626 Router v 21.06.18 allows attackers to obtain sensitive information via SPI bus interface connected to pinout of the NAND flash memory...