CVE-2022-4616
Published 2023-01-13
Priority P2 (63) · critical · 9.1 (CVSS 3.1)
CVSS 3.1 vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
EPSS: 4.76% (90.8th percentile)
The webserver in Delta DX-3021 versions prior to 1.24 is vulnerable to
command injection through the network diagnosis page. This vulnerability
could allow a remote unauthenticated user to add files, delete files,
and change file permissions.
Affected (4 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| delta_industrial_automation | 4g_router_dx-3021 | < 1.24 | 1.24 |
| deltaww | dx-3021l9_firmware | < 1.24 | 1.24 |
| linux | linux_kernel | >= 5.19.0 < 6.0.16 | 6.0.16 |
| linux | linux_kernel | >= 6.1.0 < 6.1.2 | 6.1.2 |
Detection & IOCs (extracted from sources)
- Vulnerable attack surface is the network diagnosis page of the DX-3021 webserver; monitor for unexpected HTTP requests targeting this page, especially those containing shell metacharacters or command sequences.
- The vulnerability is exploitable by a remote unauthenticated user, so no session/auth token is required; alert on command-injection payloads (e.g., semicolons, pipes, backticks, $() constructs) in requests to the network diagnosis endpoint from unauthenticated sessions.
- Affected product is Delta DX-3021L9 running firmware versions prior to V1.24; fingerprint devices on the network and flag any running pre-1.24 firmware as high-risk.
- CVSS v3 base score is 7.2 with vector AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H — note the PR:H (High Privileges Required) in the vector string contrasts with the advisory prose stating 'remote unauthenticated user'; analysts should verify actual authentication requirements during exploitation.
- No known public exploits exist for this vulnerability as of the advisory date; threat hunting should be prioritized over reactive alerting until a PoC is published.
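The two detection bullets above (metacharacters in parameters sent to the diagnosis page) and the firmware-fingerprinting bullet can be turned into a small hunting script. The following is an added example written for this page, not code from Delta, CISA or any listed source. It assumes Common Log Format access logs, and the diagnosis page path `/diagnosis` is a placeholder, because the advisory names the page but not its URL; the log lines are constructed sample data.

```python
"""Hunt access logs for requests to a router's network-diagnosis page whose
parameters carry shell metacharacters, and flag firmware below the fixed release.

Added example for the CVE-2022-4616 page; not vendor or advisory code.
Assumptions (placeholders): DIAG_PATHS (real page path not in the advisory),
Common Log Format input, constructed SAMPLE_LOG lines.
"""
import re
from urllib.parse import urlsplit, parse_qsl

# PLACEHOLDER: the advisory names the "network diagnosis page" but not its URL.
DIAG_PATHS = {"/diagnosis"}
FIXED_VERSION = (1, 24)  # advisory: "versions prior to 1.24" are affected

# Metacharacters named in the IOC bullets (';', '|', backtick, "$(") plus '&',
# newline and NUL, which shells also treat as command separators/terminators.
SHELL_META = re.compile(r"[;|&`\n\x00]|\$\(")

# Common Log Format: host ident user [time] "method target proto" status bytes
CLF = re.compile(
    r'^(?P<src>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) \S+$'
)


def parse_clf(line):
    """Return the CLF fields as a dict, or None for lines that do not parse."""
    m = CLF.match(line)
    return m.groupdict() if m else None


def suspicious_params(target):
    """(name, decoded value) pairs whose value contains a shell metacharacter.
    parse_qsl percent-decodes once, so an encoded %3B is seen as ';'."""
    query = urlsplit(target).query
    return [(k, v) for k, v in parse_qsl(query, keep_blank_values=True)
            if SHELL_META.search(v)]


def scan(lines):
    """One finding per request to a diagnosis path with a tainted parameter.
    Only the query string is inspected: CLF does not record POST bodies, so
    form-encoded parameters need a reverse-proxy or WAF log instead."""
    findings = []
    for line in lines:
        rec = parse_clf(line)
        if rec is None:
            continue
        if urlsplit(rec["target"]).path not in DIAG_PATHS:
            continue  # metacharacters elsewhere are not this attack surface
        bad = suspicious_params(rec["target"])
        if bad:
            findings.append({"src": rec["src"], "ts": rec["ts"], "params": bad})
    return findings


def parse_version(text):
    """'V1.23' -> (1, 23); accepts the vendor's 'V' prefix and plain '1.23'."""
    return tuple(int(p) for p in text.lstrip("Vv").split("."))


def is_vulnerable_firmware(text):
    """True when the reported firmware version is below the fixed release."""
    return parse_version(text) < FIXED_VERSION


# Constructed sample log lines (not real traffic); 192.0.2.0/24 is TEST-NET-1.
SAMPLE_LOG = [
    '192.0.2.10 - - [13/Jan/2023:10:00:01 +0000] "GET /diagnosis?target=192.0.2.1 HTTP/1.1" 200 512',
    '192.0.2.11 - - [13/Jan/2023:10:00:05 +0000] "GET /diagnosis?target=192.0.2.1%3Bid HTTP/1.1" 200 2048',
    '192.0.2.12 - - [13/Jan/2023:10:00:09 +0000] "GET /status?note=a;b HTTP/1.1" 200 64',
    '192.0.2.13 - - [13/Jan/2023:10:00:12 +0000] "GET /diagnosis?target=%24%28id%29 HTTP/1.1" 500 0',
    'garbage line that does not parse',
]

if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print("ALERT", finding)
    for version in ("V1.23", "V1.24", "1.30"):
        state = "vulnerable" if is_vulnerable_firmware(version) else "fixed"
        print(version, state)
```

The path filter matters: the same metacharacters in a parameter to some other page are noise for this CVE, and the script deliberately ignores them. Because it only sees the query string, a router whose diagnosis form submits by POST needs the check applied where the request body is logged.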
CVSS provenance
- NVD (v3.1): 9.1 CRITICAL, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
- Red Hat (vendor): 2.3 LOW
Red Hat
kernel: md/raid0, raid10: Don't set discard sectors for request queue
vendor_redhat · 2025-12-08 · CVSS 2.3
CVE-2022-50583 [LOW] CWE-628 kernel: md/raid0, raid10: Don't set discard sectors for request queue
In the Linux kernel, the following vulnerability has been resolved:
md/raid0, raid10: Don't set discard sectors for request queue
It should use disk_stack_limits to get a proper max_discard_sectors
rather than setting a value by stack drivers.
And there is a bug. If all member disks are rotational devices,
raid0/raid10 set max_discard_sectors. So the member devices are
not ssd/nvme, but raid0/raid10 export the wrong value. It reports
warning messages in function __blkdev_issue_discard when mkfs.xfs
like this:
[ 4616.022599] ------------[ cut here ]------------
[ 4616.027779] WARNING: CPU: 4 PID: 99634 at block/blk-lib.c:50 __blkdev_issue_discard+0x16a/0x1a0
[ 4616.140663] RIP: 0010:__blkdev_issue_discard+0x16a/0x1a0
[ 4
CISA ICS
Delta 4G Router DX-3021
cisa_ics · 2022-12-20 · CVSS 7.2
[HIGH] Delta 4G Router DX-3021
## Archived Content
In an effort to keep CISA.gov current, the archive contains outdated information that may not reflect current policy or programs.
ICS Advisory
Delta 4G Router DX-3021
Last Revised: December 20, 2022
Alert Code: ICSA-22-354-05
## 1. EXECUTIVE SUMMARY
- CVSS v3 7.2
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: Delta Industrial Automation
- Equipment: 4G Router DX-3021
- Vulnerabilities: Command Injection
## 2. RISK EVALUATION
Successful exploitation of this vulnerability could allow a remote unauthenticated user to add files, delete files, or change file permissions.
## 3. TECHNICAL DETAILS
## 3.1 AFFECTED PRODUCTS
Delta reports this vulnerability affects the following 4G Routers:
- DX-3021L9 ve
OSV
md/raid0, raid10: Don't set discard sectors for request queue
osv · 2025-12-08
CVE-2022-50583 md/raid0, raid10: Don't set discard sectors for request queue
(The OSV description text is identical to the Red Hat entry above.)
GHSA
GHSA-2qfm-rj23-qxqj
ghsa_unreviewed · 2023-01-13
CVE-2022-4616 [CRITICAL] CWE-77 GHSA-2qfm-rj23-qxqj
The webserver in Delta DX-3021 versions prior to 1.24 is vulnerable to command injection through the network diagnosis page. This vulnerability could allow a remote unauthenticated user to add files, delete files, and change file permissions.
No detection rules found.
No public exploits indexed.
References
- https://downloadcenter.deltaww.com/en-US/DownloadCenter?v=1&CID=06&itemID=060308&downloadID=DX&dataType=12&sort_expr=cdate&sort_dir=DESC
- https://www.cisa.gov/uscert/ics/advisories/icsa-22-354-05
Published: 2023-01-13