Vulnerabilities > CVE-2022-41776 - Unspecified vulnerability in Deltaww Infrasuite Device Master 00.00.01A

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
HIGH
Availability impact
NONE
network
low complexity
deltaww

Summary

Delta Electronics InfraSuite Device Master versions 00.00.01a and prior allow unauthenticated users to trigger the WriteConfiguration method, which could allow an attacker to provide new values for user configuration files such as UserListInfo.xml. This could lead to the changing of administrative passwords.

Vulnerable Configurations

Part Description Count
Application
Deltaww
2