Deltaww: >> Diaenergie >> 1.10.00.005 Security Vulnerabilities
Delta Electronics DIAEnergie has insufficient input validation which makes it possible to perform a path traversal attack and write outside of the intended directory. If a file name is specified that already exists on the file system, then the original file will be overwritten.
CVSS Score
8.8
EPSS Score
0.002
Published
2024-05-03
Delta Electronics DIAEnergie is vulnerable to an SQL injection vulnerability that exists in the script Handler_CFG.ashx. An authenticated attacker can exploit this issue to potentially compromise the system on which DIAEnergie is deployed.
CVSS Score
8.8
EPSS Score
0.001
Published
2024-05-03
Page 2