HIGH🇵🇱 Wersja polska

CVE-2021-38422

CVSS 7.8v3.1pub. 2021-11-03upd. 2024-11-21

Delta Electronics DIALink versions 1.2.4.0 and prior stores sensitive information in cleartext, which may allow an attacker to have extensive access to the application directory and escalate privileges.

CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • Deltaww Dialink

    APP
    Deltaww
    ≤ 1.2.4.0
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
LPE
CWE
References

Related vulnerabilities

CVE-2025-58321CRITICAL10.0PL ✓ten sam produkt

Delta Electronics DIALink — path traversal umożliwiający ominięcie uwierzytelnienia

CVE-2022-2660CRITICAL9.8ten sam produkt

Delta Industrial Automation DIALink versions 1.4.0.0 and prior are vulnerable to the use of a hard-coded crypt...

CVE-2025-58320HIGH7.3ten sam produkt

Delta Electronics DIALink has an Directory Traversal Authentication Bypass Vulnerability.

CVE-2022-2969HIGH8.1ten sam produkt

Delta Industrial Automation DIALink versions prior to v1.5.0.0 Beta 4 uses an external input to construct a pa...

CVE-2021-38418HIGH8.8ten sam produkt

Delta Electronics DIALink versions 1.2.4.0 and prior runs by default on HTTP, which may allow an attacker to b...