Lucene search
IcscertCVELIST:CVE-2022-25347HistoryMar 29, 2022 - 4:37 p.m.
CVE-2022-25347 Delta Electronics DIAEnergie Path Traversal
2022-03-2916:37:04
CWE-37
icscert
www.cve.org
2
delta electronics
diaenergie
path traversal
vulnerability
file system
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
9.6
Confidence
High
EPSS
0.001
Percentile
35.0%
Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) is vulnerable to path traversal attacks, which may allow an attacker to write arbitrary files to locations on the file system.
CNA Affected
[
{
"product": "DIAEnergie",
"vendor": "Delta Electronics",
"versions": [
{
"lessThan": "1.8.02.004",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
]Related
nvd
nvd
CVE-2022-25347
2022-03-29 17:15:15
cve
cve
CVE-2022-25347
2022-03-29 17:15:15
checkpoint_advisories
checkpoint_advisories
prion
prion
Path traversal
2022-03-29 17:15:00
ics
ics
Delta Electronics DIAEnergie (Update C)
2022-08-02 12:00:00
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
9.6
Confidence
High
EPSS
0.001
Percentile
35.0%
Related for CVELIST:CVE-2022-25347