Delta Electronics InfraSuite Device Master versions 00.00...
High severity
Unreviewed
Published
Nov 1, 2022
to the GitHub Advisory Database
•
Updated Jan 31, 2023
Description
Published by the National Vulnerability Database
Oct 31, 2022
Published to the GitHub Advisory Database
Nov 1, 2022
Last updated
Jan 31, 2023
Delta Electronics InfraSuite Device Master versions 00.00.01a and prior allow unauthenticated users to trigger the WriteConfiguration method, which could allow an attacker to provide new values for user configuration files such as UserListInfo.xml. This could lead to the changing of administrative passwords.
References