Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Delta Electronics DIAEnergie Unauthenticated SQL Injection
Vulnerability Description
A SQLi vulnerability exists in Delta Electronics DIAEnergie v1.10.1.8610 and prior when CEBC.exe processes a 'RecalculateScript' message, which is splitted into 4 fields using the '~' character as the separator. An unauthenticated remote attacker can perform SQLi via the fourth field
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
输入验证不恰当
Vulnerability Title
Delta Electronics DIAEnergie SQL注入漏洞
Vulnerability Description
Delta Electronics DIAEnergie是中国台湾台达电子(Delta Electronics)公司的一个工业能源管理系统,用于实时监控和分析能源消耗、计算能源消耗和负载特性、优化设备性能、改进生产流程并最大限度地提高能源效率。 Delta Electronics DIAEnergie v1.10.1.8610 及之前版本存在SQL注入漏洞,该漏洞源于当 CEBC.exe 处理 RecalculateScript 消息时,使用 ~ 字符作为分隔符分为 4 个字段,远程攻击者利用该漏洞可以通
CVSS Information
N/A
Vulnerability Type
N/A