Vulnerabilities > Deltaww

DATE	CVE	VULNERABILITY TITLE	RISK
2022-11-17	CVE-2022-43452	SQL Injection vulnerability in Deltaww Diaenergie SQL Injection in FtyInfoSetting.aspx in Delta Electronics DIAEnergie versions prior to v1.9.02.001 allows an attacker to inject SQL queries via Network network low complexity deltaww CWE-89	8.8
2022-11-17	CVE-2022-43457	SQL Injection vulnerability in Deltaww Diaenergie SQL Injection in HandlerPage_KID.ashx in Delta Electronics DIAEnergie versions prior to v1.9.02.001 allows an attacker to inject SQL queries via Network network low complexity deltaww CWE-89	8.8
2022-11-17	CVE-2022-43506	SQL Injection vulnerability in Deltaww Diaenergie SQL Injection in HandlerTag_KID.ashx in Delta Electronics DIAEnergie versions prior to v1.9.02.001 allows an attacker to inject SQL queries via Network network low complexity deltaww CWE-89	8.8
2022-10-31	CVE-2022-38142	Unspecified vulnerability in Deltaww Infrasuite Device Master 00.00.01A Delta Electronics InfraSuite Device Master versions 00.00.01a and prior deserialize user-supplied data provided through the Device-Gateway service port without proper verification. network low complexity deltaww critical	9.8
2022-10-31	CVE-2022-40202	Unspecified vulnerability in Deltaww Infrasuite Device Master 00.00.01A The database backup function in Delta Electronics InfraSuite Device Master Versions 00.00.01a and prior lacks proper authentication. network low complexity deltaww critical	9.8
2022-10-31	CVE-2022-41629	Unspecified vulnerability in Deltaww Infrasuite Device Master 00.00.01A Delta Electronics InfraSuite Device Master versions 00.00.01a and prior allow unauthenticated users to access the aprunning endpoint, which could allow an attacker to retrieve any file from the “RunningConfigs” directory. network low complexity deltaww critical	9.1
2022-10-31	CVE-2022-41644	Missing Authentication for Critical Function vulnerability in Deltaww Infrasuite Device Master 00.00.01A Delta Electronics InfraSuite Device Master versions 00.00.01a and prior lacks authentication for a function that changes group privileges. network low complexity deltaww CWE-306	8.8
2022-10-31	CVE-2022-41657	Unspecified vulnerability in Deltaww Infrasuite Device Master 00.00.01A Delta Electronics InfraSuite Device Master Versions 00.00.01a and prior allow attacker provided data already serialized into memory to be used in file operation application programmable interfaces (APIs). network low complexity deltaww critical	9.8
2022-10-31	CVE-2022-41688	Unspecified vulnerability in Deltaww Infrasuite Device Master 00.00.01A Delta Electronics InfraSuite Device Master versions 00.00.01a and prior lack proper authentication for functions that create and modify user groups. network low complexity deltaww	7.5
2022-10-31	CVE-2022-41772	Unspecified vulnerability in Deltaww Infrasuite Device Master 00.00.01A Delta Electronics InfraSuite Device Master Versions 00.00.01a and prior mishandle .ZIP archives containing characters used in path traversal. network low complexity deltaww critical	9.8

Vulnerabilities > Deltaww {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Deltaww"}]}

Vulnerabilities > Deltaww