Filtered by vendor Deltaww
Subscribe
Total
212 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-5944 | 1 Deltaww | 1 Dopsoft | 2024-04-11 | N/A | 7.8 HIGH |
| Delta Electronics DOPSoft is vulnerable to a stack-based buffer overflow, which may allow for arbitrary code execution if an attacker can lead a legitimate user to execute a specially crafted file. | |||||
| CVE-2023-5461 | 1 Deltaww | 1 Wplsoft | 2024-04-11 | 2.6 LOW | 5.9 MEDIUM |
| A vulnerability was found in Delta Electronics WPLSoft 2.51. It has been classified as problematic. Affected is an unknown function of the component Modbus Handler. The manipulation leads to cleartext transmission of sensitive information. It is possible to launch the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-241584. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2023-5460 | 1 Deltaww | 1 Wplsoft | 2024-04-11 | 2.7 LOW | 5.7 MEDIUM |
| A vulnerability was found in Delta Electronics WPLSoft up to 2.51 and classified as problematic. This issue affects some unknown processing of the component Modbus Data Packet Handler. The manipulation leads to heap-based buffer overflow. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-241583. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2023-5459 | 1 Deltaww | 14 Dvp32es200r, Dvp32es200r Firmware, Dvp32es200rc and 11 more | 2024-04-11 | 6.1 MEDIUM | 7.5 HIGH |
| A vulnerability has been found in Delta Electronics DVP32ES2 PLC 1.48 and classified as critical. This vulnerability affects unknown code of the component Password Transmission Handler. The manipulation leads to denial of service. The exploit has been disclosed to the public and may be used. VDB-241582 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2024-28029 | 1 Deltaww | 1 Diaenergie | 2024-03-25 | N/A | 8.8 HIGH |
| Privileges are not fully verified server-side, which can be abused by a user with limited privileges to bypass authorization and access privileged functionality. | |||||
| CVE-2022-3214 | 1 Deltaww | 1 Diaenergie | 2024-01-25 | N/A | 9.8 CRITICAL |
| Delta Industrial Automation's DIAEnergy, an industrial energy management system, is vulnerable to CWE-798, Use of Hard-coded Credentials. Versions prior to 1.9.03.009 have this vulnerability. Executable files could be uploaded to certain directories using hard-coded bearer authorization, allowing remote code execution. | |||||
| CVE-2023-5130 | 1 Deltaww | 1 Wplsoft | 2024-01-25 | 7.3 HIGH | 8.8 HIGH |
| A buffer overflow vulnerability exists in Delta Electronics WPLSoft. An anonymous attacker can exploit this vulnerability by enticing a user to open a specially crafted DVP file to achieve code execution. | |||||
| CVE-2023-5131 | 1 Deltaww | 1 Ispsoft | 2024-01-25 | 7.3 HIGH | 8.8 HIGH |
| A heap buffer-overflow exists in Delta Electronics ISPSoft. An anonymous attacker can exploit this vulnerability by enticing a user to open a specially crafted DVP file to achieve code execution. | |||||
| CVE-2023-43816 | 1 Deltaww | 1 Dopsoft | 2024-01-20 | 6.8 MEDIUM | 7.8 HIGH |
| A buffer overflow vulnerability exists in Delta Electronics Delta Industrial Automation DOPSoft version 2 when parsing the wKPFStringLen field of a DPS file. An anonymous attacker can exploit this vulnerability by enticing a user to open a specially crafted DPS file to achieve code execution. | |||||
| CVE-2023-43817 | 1 Deltaww | 1 Dopsoft | 2024-01-20 | 6.8 MEDIUM | 7.8 HIGH |
| A buffer overflow exists in Delta Electronics Delta Industrial Automation DOPSoft version 2 when parsing the wMailContentLen field of a DPS file. An anonymous attacker can exploit this vulnerability by enticing a user to open a specially crafted DPS file to achieve code execution. | |||||
| CVE-2023-43818 | 1 Deltaww | 1 Dopsoft | 2024-01-20 | 6.8 MEDIUM | 7.8 HIGH |
| A buffer overflow exists in Delta Electronics Delta Industrial Automation DOPSoft. A remote, unauthenticated attacker can exploit this vulnerability by enticing a user to open a specially crafted DPS file to achieve remote code execution. | |||||
| CVE-2023-43819 | 1 Deltaww | 1 Dopsoft | 2024-01-20 | 6.8 MEDIUM | 7.8 HIGH |
| A stack based buffer overflow exists in Delta Electronics Delta Industrial Automation DOPSoft when parsing the InitialMacroLen field of a DPS file. A remote, unauthenticated attacker can exploit this vulnerability by enticing a user to open a specially crafted DPS file to achieve remote code execution. | |||||
| CVE-2023-43820 | 1 Deltaww | 1 Dopsoft | 2024-01-20 | 6.8 MEDIUM | 7.8 HIGH |
| A stack based buffer overflow exists in Delta Electronics Delta Industrial Automation DOPSoft when parsing the wLogTitlesPrevValueLen field of a DPS file. A remote, unauthenticated attacker can exploit this vulnerability by enticing a user to open a specially crafted DPS file to achieve remote code execution. | |||||
| CVE-2023-43821 | 1 Deltaww | 1 Dopsoft | 2024-01-20 | 6.8 MEDIUM | 7.8 HIGH |
| A stack based buffer overflow exists in Delta Electronics Delta Industrial Automation DOPSoft when parsing the wLogTitlesActionLen field of a DPS file. A remote, unauthenticated attacker can exploit this vulnerability by enticing a user to open a specially crafted DPS file to achieve remote code execution. | |||||
| CVE-2023-43822 | 1 Deltaww | 1 Dopsoft | 2024-01-20 | 6.8 MEDIUM | 7.8 HIGH |
| A stack based buffer overflow exists in Delta Electronics Delta Industrial Automation DOPSoft when parsing the wLogTitlesTimeLen field of a DPS file. A remote, unauthenticated attacker can exploit this vulnerability by enticing a user to open a specially crafted DPS file to achieve remote code execution. | |||||
| CVE-2023-43823 | 1 Deltaww | 1 Dopsoft | 2024-01-20 | 6.8 MEDIUM | 7.8 HIGH |
| A stack based buffer overflow exists in Delta Electronics Delta Industrial Automation DOPSoft when parsing the wTTitleLen field of a DPS file. A remote, unauthenticated attacker can exploit this vulnerability by enticing a user to open a specially crafted DPS file to achieve remote code execution. | |||||
| CVE-2023-43824 | 1 Deltaww | 1 Dopsoft | 2024-01-20 | 6.8 MEDIUM | 7.8 HIGH |
| A stack based buffer overflow exists in Delta Electronics Delta Industrial Automation DOPSoft when parsing the wTitleTextLen field of a DPS file. A remote, unauthenticated attacker can exploit this vulnerability by enticing a user to open a specially crafted DPS file to achieve remote code execution. | |||||
| CVE-2023-43815 | 1 Deltaww | 1 Dopsoft | 2024-01-20 | 6.8 MEDIUM | 7.8 HIGH |
| A buffer overflow vulnerability exists in Delta Electronics Delta Industrial Automation DOPSoft version 2 when parsing the wScreenDESCTextLen field of a DPS file. An anonymous attacker can exploit this vulnerability by enticing a user to open a specially crafted DPS file to achieve code execution. | |||||
| CVE-2022-43457 | 1 Deltaww | 1 Diaenergie | 2023-12-22 | N/A | 8.8 HIGH |
| SQL Injection in HandlerPage_KID.ashx in Delta Electronics DIAEnergie versions prior to v1.9.02.001 allows an attacker to inject SQL queries via Network | |||||
| CVE-2023-47279 | 1 Deltaww | 1 Infrasuite Device Master | 2023-12-10 | N/A | 7.5 HIGH |
| In Delta Electronics InfraSuite Device Master v.1.0.7, A vulnerability exists that allows an unauthenticated attacker to disclose user information through a single UDP packet, obtain plaintext credentials, or perform NTLM relaying. | |||||