Vulnerabilities > CVE-2022-41629 - Unspecified vulnerability in Deltaww Infrasuite Device Master 00.00.01A
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
NONE Summary
Delta Electronics InfraSuite Device Master versions 00.00.01a and prior allow unauthenticated users to access the aprunning endpoint, which could allow an attacker to retrieve any file from the “RunningConfigs” directory. The attacker could then view and modify configuration files such as UserListInfo.xml, which would allow them to see existing administrative passwords.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 2 |