Vulnerabilities > CVE-2021-38418 - Unspecified vulnerability in Deltaww Dialink 1.2.4.0

CVSS 5.9 - MEDIUM

Attack vector

NETWORK

Attack complexity

HIGH

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

NONE

network

high complexity

deltaww

NVD

Published: 2021-11-03

Updated: 2024-11-21

Summary

Delta Electronics DIALink versions 1.2.4.0 and prior runs by default on HTTP, which may allow an attacker to be positioned between the traffic and perform a machine-in-the-middle attack to access information without authorization.

Vulnerable Configurations

Part	Description	Count
Application	Deltaww Deltaww Dialink 1.2.4.0	1

References

https://us-cert.cisa.gov/ics/advisories/icsa-21-294-02
https://us-cert.cisa.gov/ics/advisories/icsa-21-294-02