cbcvebase.
CVE-2022-25347
published 2022-03-29

CVE-2022-25347: Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) is vulnerable to path traversal attacks, which may allow an attacker to write arbitrary files…

PriorityP355high7.5CVSS 3.1
AVNACLPRNUINSUCNIHAN
EPSS
11.12%
95.4th percentile
Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) is vulnerable to path traversal attacks, which may allow an attacker to write arbitrary files to locations on the file system.

Affected

2 ranges
VendorProductVersion rangeFixed in
delta_electronicsdiaenergie>= unspecified < 1.8.02.0041.8.02.004
deltawwdiaenergie< 1.8.02.0041.8.02.004

CVSS provenance

nvdv3.17.5HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:N/I:P/A:N
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.