Vulnerabilities > CVE-2022-2969 - Unspecified vulnerability in Deltaww Dialink 1.2.4.0/1.5.0.0
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
HIGH Availability impact
NONE Summary
Delta Industrial Automation DIALink versions prior to v1.5.0.0 Beta 4 uses an external input to construct a pathname intended to identify a file or directory located underneath a restricted parent directory. However, the software does not properly neutralize special elements within the pathname, which can cause the pathname to resolve to a location outside of the restricted directory.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 2 |