Vulnerabilities > CVE-2021-38424 - Improper Neutralization of Formula Elements in a CSV File vulnerability in Deltaww Dialink 1.2.4.0

047910
CVSS 6.8 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL

Summary

The tag interface of Delta Electronics DIALink versions 1.2.4.0 and prior is vulnerable to an attacker injecting formulas into the tag data. Those formulas may then be executed when it is opened with a spreadsheet application.

Vulnerable Configurations

Part Description Count
Application
Deltaww
1