CRITICALπŸ‡΅πŸ‡± Wersja polska

CVE-2022-25347

CVSS 9.8v3.1pub. 2022-03-29upd. 2024-11-21

Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) is vulnerable to path traversal attacks, which may allow an attacker to write arbitrary files to locations on the file system.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Deltaww Diaenergie

    APP
    Deltaww
    < 1.8.02.004
πŸ”΅
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
Path Traversal
CWE
References

Related vulnerabilities

CVE-2024-43699CRITICAL9.3PL βœ“ten sam produkt

SQL Injection w Delta Electronics DIAEnergie β€” dostΔ™p do danych bez uwierzytelnienia

CVE-2024-4548CRITICAL9.8PL βœ“ten sam produkt

SQL Injection w Delta Electronics DIAEnergie via RecalculateHDMWYC

CVE-2024-4547CRITICAL9.8PL βœ“ten sam produkt

SQL Injection w Delta Electronics DIAEnergie β€” nieuwierzytelniony dostΔ™p zdalny

CVE-2022-43774CRITICAL9.8ten sam produkt

The HandlerPageP_KID class in Delta Electronics DIAEnergy v1.9 contains a SQL Injection flaw that could allow ...

CVE-2022-43775CRITICAL9.8ten sam produkt

The HICT_Loop class in Delta Electronics DIAEnergy v1.9 contains a SQL Injection flaw that could allow an atta...

CVE-2022-25347 β€” Deltaww β€” Diaenergie β€” CRITICAL β€” CVSS 9.8 | CVEbaza.pl