Shodan
Vulnerabilities
Vulnerable Software
Deltaww:  >> Diaenergie  >> 1.10.00.005  Security Vulnerabilities
CVE-2025-57701
DIAEnergie - Reflected Cross-site Scripting
CVSS Score
6.1
EPSS Score
0.0
Published
2025-08-18
CVE-2025-57702
DIAEnergie - Reflected Cross-site Scripting
CVSS Score
6.1
EPSS Score
0.0
Published
2025-08-18
CVE-2025-57703
DIAEnergie - Reflected Cross-site Scripting
CVSS Score
6.1
EPSS Score
0.0
Published
2025-08-18
CVE-2025-57700
DIAEnergie - Stored Cross-site Scripting
CVSS Score
6.1
EPSS Score
0.0
Published
2025-08-18
CVE-2024-42417
Delta Electronics DIAEnergie is vulnerable to an SQL injection in the script Handler_CFG.ashx. An authenticated attacker may be able to exploit this issue to cause delay in the targeted product.
CVSS Score
8.8
EPSS Score
0.008
Published
2024-10-03
CVE-2024-43699
Delta Electronics DIAEnergie is vulnerable to an SQL injection in the script AM_RegReport.aspx. An unauthenticated attacker may be able to exploit this issue to obtain records contained in the targeted product.
CVSS Score
9.8
EPSS Score
0.008
Published
2024-10-03
CVE-2024-4547
A SQLi vulnerability exists in Delta Electronics DIAEnergie v1.10.1.8610 and prior when CEBC.exe processes a 'RecalculateScript' message, which is splitted into 4 fields using the '~' character as the separator. An unauthenticated remote attacker can perform SQLi via the fourth field
CVSS Score
9.8
EPSS Score
0.014
Published
2024-05-06
CVE-2024-4548
An SQLi vulnerability exists in Delta Electronics DIAEnergie v1.10.1.8610 and prior when CEBC.exe processes a 'RecalculateHDMWYC' message, which is split into 4 fields using the '~' character as the separator. An unauthenticated remote attacker can perform SQLi via the fourth field.
CVSS Score
9.8
EPSS Score
0.504
Published
2024-05-06
CVE-2024-4549
A denial of service vulnerability exists in Delta Electronics DIAEnergie v1.10.1.8610 and prior. When processing an 'ICS Restart!' message, CEBC.exe restarts the system.
CVSS Score
7.5
EPSS Score
0.001
Published
2024-05-06
CVE-2024-34032
Delta Electronics DIAEnergie is vulnerable to an SQL injection vulnerability that exists in the GetDIACloudList endpoint. An authenticated attacker can exploit this issue to potentially compromise the system on which DIAEnergie is deployed.
CVSS Score
8.8
EPSS Score
0.008
Published
2024-05-03


Products
Pricing
Contact Us

Shodan ® - All rights reserved