Lucene search
China National Vulnerability DatabaseCNVD-2021-84841HistoryOct 22, 2021 - 12:00 a.m.
DIALink Cross-Site Scripting Vulnerability (CNVD-2021-84841)
2021-10-2200:00:00
China National Vulnerability Database
www.cnvd.org.cn
6
dialink
device networking platform
delta electronics
cnc machines
plc-controlled machines
field device data
upper management platform
api plan
javascript code
remote code execution
EPSS
0.001
Percentile
33.0%
DIALink is a device networking platform from Delta Electronics that allows effective management of CNC machines and PLC-controlled machines, collects field device data and interfaces with the upper management platform through a unified interface, and provides visual information to reflect process parameters and device operating status. scripting vulnerability. An attacker can use this vulnerability to inject arbitrary JavaScript code into the name parameter of the API plan and execute the code remotely.
Related
nvd
nvd
CVE-2021-38428
2021-11-03 20:15:08
cvelist
cvelist
CVE-2021-38428 Delta Electronics DIALink
2021-11-03 19:05:41
prion
prion
Cross site scripting
2021-11-03 20:15:00
cve
cve
CVE-2021-38428
2021-11-03 20:15:08
ics
ics
Delta Electronics DIALink
2021-10-21 12:00:00