Deltaww

Infrasuite Device Master

32 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8

CVE-2024-10456

  • EPSS 1.54%
  • Veröffentlicht 30.10.2024 18:15:05
  • Zuletzt bearbeitet 01.11.2024 12:57:03

Delta Electronics InfraSuite Device Master versions prior to 1.0.12 are affected by a deserialization vulnerability that targets the Device-Gateway, which could allow deserialization of arbitrary .NET objects prior to authentication.

7.5

CVE-2023-47279

  • EPSS 0.22%
  • Veröffentlicht 30.11.2023 23:15:07
  • Zuletzt bearbeitet 15.04.2025 19:16:06

In Delta Electronics InfraSuite Device Master v.1.0.7, A vulnerability exists that allows an unauthenticated attacker to disclose user information through a single UDP packet, obtain plaintext credentials, or perform NTLM relaying.

9.8

CVE-2023-47207

  • EPSS 2.14%
  • Veröffentlicht 30.11.2023 22:15:08
  • Zuletzt bearbeitet 21.11.2024 08:29:57

In Delta Electronics InfraSuite Device Master v.1.0.7, a vulnerability exists that allows an unauthenticated attacker to execute code with local administrator privileges.

8.8

CVE-2023-46690

  • EPSS 1.04%
  • Veröffentlicht 30.11.2023 22:15:08
  • Zuletzt bearbeitet 21.11.2024 08:29:05

In Delta Electronics InfraSuite Device Master v.1.0.7, a vulnerability exists that allows an attacker to write to any file to any location of the filesystem, which could lead to remote code execution.

9.8

CVE-2023-39226

  • EPSS 0.24%
  • Veröffentlicht 30.11.2023 22:15:07
  • Zuletzt bearbeitet 21.11.2024 08:14:57

In Delta Electronics InfraSuite Device Master v.1.0.7, a vulnerability exists that allows an unauthenticated attacker to execute arbitrary code through a single UDP packet.

7.5

CVE-2023-34316

  • EPSS 0.02%
  • Veröffentlicht 10.07.2023 20:15:15
  • Zuletzt bearbeitet 27.01.2025 17:15:14

​An attacker could bypass the latest Delta Electronics InfraSuite Device Master (versions prior to 1.0.7) patch, which could allow an attacker to retrieve file contents.

9.8

CVE-2023-30765

  • EPSS 0.68%
  • Veröffentlicht 10.07.2023 20:15:15
  • Zuletzt bearbeitet 27.01.2025 17:15:13

​Delta Electronics InfraSuite Device Master versions prior to 1.0.7 contain improper access controls that could allow an attacker to alter privilege management configurations, resulting in privilege escalation.

9.8

CVE-2023-34347

  • EPSS 0.12%
  • Veröffentlicht 10.07.2023 19:15:09
  • Zuletzt bearbeitet 21.11.2024 08:07:03

​Delta Electronics InfraSuite Device Master versions prior to 1.0.7 contains classes that cannot be deserialized, which could allow an attack to remotely execute arbitrary code.

7.8

CVE-2023-1145

  • EPSS 0.27%
  • Veröffentlicht 27.03.2023 15:15:08
  • Zuletzt bearbeitet 21.11.2024 07:38:32

Delta Electronics InfraSuite Device Master versions prior to 1.0.5 are affected by a deserialization vulnerability targeting the Device-DataCollect service, which could allow deserialization of requests prior to authentication, resulting in re...

8.8

CVE-2023-1144

  • EPSS 0.02%
  • Veröffentlicht 27.03.2023 15:15:08
  • Zuletzt bearbeitet 21.11.2024 07:38:32

Delta Electronics InfraSuite Device Master versions prior to 1.0.5 contains an improper access control vulnerability in which an attacker can use the Device-Gateway service and bypass authorization, which could result in privilege escalation.