Shodan
Vulnerabilities
Vulnerable Software
Deltaww:  Security Vulnerabilities
CVE-2021-32969
Delta Electronics DIAScreen versions prior to 1.1.0 are vulnerable to an out-of-bounds write condition, which may result in a system crash or allow an attacker to remotely execute arbitrary code.
CVSS Score
7.8
EPSS Score
0.002
Published
2022-05-24
CVE-2022-1331
In four instances DMARS (All versions prior to v2.1.10.24) does not properly restrict references of XML external entities while processing specific project files, which may allow unauthorized information disclosure.
CVSS Score
5.5
EPSS Score
0.001
Published
2022-05-03
CVE-2022-1367
Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a blind SQL injection vulnerability exists in Handler_TCV.ashx. This allows an attacker to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands.
CVSS Score
9.8
EPSS Score
0.004
Published
2022-05-02
CVE-2022-1369
Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a blind SQL injection vulnerability exists in ReadRegIND. This allows an attacker to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands.
CVSS Score
9.8
EPSS Score
0.002
Published
2022-05-02
CVE-2022-1370
Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a blind SQL injection vulnerability exists in ReadREGbyID. This allows an attacker to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands.
CVSS Score
9.8
EPSS Score
0.002
Published
2022-05-02
CVE-2022-1371
Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a blind SQL injection vulnerability exists in ReadRegf. This allows an attacker to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands.
CVSS Score
9.8
EPSS Score
0.002
Published
2022-05-02
CVE-2022-1372
Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a blind SQL injection vulnerability exists in dlSlog.aspx. This allows an attacker to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands.
CVSS Score
9.8
EPSS Score
0.002
Published
2022-05-02
CVE-2022-1374
Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a blind SQL injection vulnerability exists in DIAE_unHandler.ashx. This allows an attacker to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands.
CVSS Score
9.8
EPSS Score
0.002
Published
2022-05-02
CVE-2022-1375
Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a blind SQL injection vulnerability exists in DIAE_slogHandler.ashx. This allows an attacker to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands.
CVSS Score
9.8
EPSS Score
0.002
Published
2022-05-02
CVE-2022-1376
Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a blind SQL injection vulnerability exists in DIAE_privgrpHandler.ashx. This allows an attacker to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands.
CVSS Score
9.8
EPSS Score
0.002
Published
2022-05-02


Products
Pricing
Contact Us

Shodan ® - All rights reserved