Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Delta Electronics InfraSuite Device Master Versions 00.00.01a and prior allow attacker provided data already serialized into memory to be used in file operation application programmable interfaces (APIs). This could create arbitrary files, which could be used in API operations and could ultimately result in remote code execution.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
对路径名的限制不恰当(路径遍历)
Vulnerability Title
Delta Electronics InfraSuite Device Master 路径遍历漏洞
Vulnerability Description
Delta Electronics InfraSuite Device Master是中国台湾台达电子(Delta Electronics)公司的用于简化和自动化关键设备监控的设备。 Delta Electronics InfraSuite Device Master 00.00.01a及之前版本存在路径遍历漏洞,该漏洞源于允许攻击者提供已序列化到内存中的数据,以用于文件操作应用程序可编程接口(API),这可能会创建任意文件,这些文件可用于API操作并最终导致远程代码执行。
CVSS Information
N/A
Vulnerability Type
N/A