Vulnerabilities > CVE-2022-1378 - Unspecified vulnerability in Deltaww Diaenergie 1.08.00/1.7.5/1.8.0
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a blind SQL injection vulnerability exists in DIAE_pgHandler.ashx. This allows an attacker to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 4 |