Deltaww Infrasuite Device Master — known CVE vulnerabilities
Every CVE whose affected-product data names Deltaww Infrasuite Device Master, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (31)
CVE-2022-38142 — CVSS 9.8 (critical): Delta Electronics InfraSuite Device Master versions 00.00.01a and prior deserialize user-supplied data provided through the Device-Gateway…
CVE-2022-41657 — CVSS 9.8 (critical): Delta Electronics InfraSuite Device Master Versions 00.00.01a and prior allow attacker provided data already serialized into memory to be…
CVE-2023-1136 — CVSS 9.8 (critical): In Delta Electronics InfraSuite Device Master versions prior to 1.0.5, an unauthenticated attacker could generate a valid token, which…
CVE-2023-47207 — CVSS 9.8 (critical): In Delta Electronics InfraSuite Device Master v.1.0.7, a vulnerability exists that allows an unauthenticated attacker to execute code with…
CVE-2022-41688 — CVSS 9.8 (critical): Delta Electronics InfraSuite Device Master versions 00.00.01a and prior lack proper authentication for functions that create and modify…
CVE-2022-41772 — CVSS 9.8 (critical): Delta Electronics InfraSuite Device Master Versions 00.00.01a and prior mishandle .ZIP archives containing characters used in path…
CVE-2023-1140 — CVSS 9.8 (critical): Delta Electronics InfraSuite Device Master versions prior to 1.0.5 contain a vulnerability that could allow an attacker to achieve…
CVE-2022-40202 — CVSS 9.8 (critical): The database backup function in Delta Electronics InfraSuite Device Master Versions 00.00.01a and prior lacks proper authentication. An…
CVE-2022-41778 — CVSS 9.8 (critical): Delta Electronics InfraSuite Device Master versions 00.00.01a and prior deserialize user-supplied data provided through the…
CVE-2023-34347 — CVSS 9.8 (critical): Delta Electronics InfraSuite Device Master versions prior to 1.0.7 contains classes that cannot be deserialized, which could allow an…
CVE-2023-39226 — CVSS 9.8 (critical): In Delta Electronics InfraSuite Device Master v.1.0.7, a vulnerability exists that allows an unauthenticated attacker to execute arbitrary…
CVE-2023-1133 — CVSS 9.8 (critical): Delta Electronics InfraSuite Device Master versions prior to 1.0.5 contain a vulnerability in which the Device-status service listens on…
CVE-2023-1144 — CVSS 8.8 (high): Delta Electronics InfraSuite Device Master versions prior to 1.0.5 contains an improper access control vulnerability in which an attacker…
CVE-2023-30765 — CVSS 8.8 (high): Delta Electronics InfraSuite Device Master versions prior to 1.0.7 contain improper access controls that could allow an attacker to…
CVE-2023-46690 — CVSS 8.8 (high): In Delta Electronics InfraSuite Device Master v.1.0.7, a vulnerability exists that allows an attacker to write to any file to any location…
CVE-2022-41779 — CVSS 8.8 (high): Delta Electronics InfraSuite Device Master versions 00.00.01a and prior deserialize network packets without proper verification. If the…
CVE-2023-0444 — CVSS 8.8 (high): A privilege escalation vulnerability exists in Delta Electronics InfraSuite Device Master 00.00.02a. A default user 'User', which is in the…
CVE-2022-41644 — CVSS 8.8 (high): Delta Electronics InfraSuite Device Master versions 00.00.01a and prior lacks authentication for a function that changes group privileges…
CVE-2023-1139 — CVSS 8.8 (high): Delta Electronics InfraSuite Device Master versions prior to 1.0.5 are affected by a deserialization vulnerability targeting the…
CVE-2023-1141 — CVSS 8.8 (high): Delta Electronics InfraSuite Device Master versions prior to 1.0.5 contain a command injection vulnerability that could allow an attacker…
CVE-2023-1143 — CVSS 8.8 (high): In Delta Electronics InfraSuite Device Master versions prior to 1.0.5, an attacker could use Lua scripts, which could allow an attacker to…
CVE-2023-1145 — CVSS 7.8 (high): Delta Electronics InfraSuite Device Master versions prior to 1.0.5 are affected by a deserialization vulnerability targeting the…
CVE-2023-1135 — CVSS 7.8 (high): In Delta Electronics InfraSuite Device Master versions prior to 1.0.5, an attacker could set incorrect directory permissions, which could…
CVE-2023-47279 — CVSS 7.5 (high): In Delta Electronics InfraSuite Device Master v.1.0.7, A vulnerability exists that allows an unauthenticated attacker to disclose user…
CVE-2022-41629 — CVSS 7.5 (high): Delta Electronics InfraSuite Device Master versions 00.00.01a and prior allow unauthenticated users to access the aprunning endpoint, which…
CVE-2022-41776 — CVSS 7.5 (high): Delta Electronics InfraSuite Device Master versions 00.00.01a and prior allow unauthenticated users to trigger the WriteConfiguration…
CVE-2023-1138 — CVSS 7.5 (high): Delta Electronics InfraSuite Device Master versions prior to 1.0.5 contain an improper access control vulnerability, which could allow an…
CVE-2023-1142 — CVSS 7.5 (high): In Delta Electronics InfraSuite Device Master versions prior to 1.0.5, an attacker could use URL decoding to retrieve system files…
CVE-2023-1134 — CVSS 7.1 (high): Delta Electronics InfraSuite Device Master versions prior to 1.0.5 are affected by a path traversal vulnerability, which could allow an…
CVE-2023-34316 — CVSS 6.5 (medium): An attacker could bypass the latest Delta Electronics InfraSuite Device Master (versions prior to 1.0.7) patch, which could allow an…
CVE-2023-1137 — CVSS 6.5 (medium): Delta Electronics InfraSuite Device Master versions prior to 1.0.5 contain a vulnerability in which a low-level user could extract files…