Shodan
Vulnerabilities
Vulnerable Software
Deltaww:  >> Diaenergie  >> 1.9.01.002  Security Vulnerabilities
CVE-2022-43452
SQL Injection in FtyInfoSetting.aspx in Delta Electronics DIAEnergie versions prior to v1.9.02.001 allows an attacker to inject SQL queries via Network
CVSS Score
8.8
EPSS Score
0.014
Published
2022-11-17
CVE-2022-43457
SQL Injection in HandlerPage_KID.ashx in Delta Electronics DIAEnergie versions prior to v1.9.02.001 allows an attacker to inject SQL queries via Network
CVSS Score
8.8
EPSS Score
0.001
Published
2022-11-17
CVE-2022-43506
SQL Injection in HandlerTag_KID.ashx in Delta Electronics DIAEnergie versions prior to v1.9.02.001 allows an attacker to inject SQL queries via Network
CVSS Score
8.8
EPSS Score
0.001
Published
2022-11-17
CVE-2022-41775
SQL Injection in Handler_CFG.ashx in Delta Electronics DIAEnergie versions prior to v1.9.02.001 allows an attacker to inject SQL queries via Network
CVSS Score
8.8
EPSS Score
0.001
Published
2022-11-17
CVE-2022-3214
Delta Industrial Automation's DIAEnergy, an industrial energy management system, is vulnerable to CWE-798, Use of Hard-coded Credentials. Versions prior to  1.9.03.009 have this vulnerability. Executable files could be uploaded to certain directories using hard-coded bearer authorization, allowing remote code execution.
CVSS Score
9.8
EPSS Score
0.031
Published
2022-09-16


Products
Pricing
Contact Us

Shodan ® - All rights reserved