CVE-2023-0444
published 2023-01-26CVE-2023-0444: A privilege escalation vulnerability exists in Delta Electronics InfraSuite Device Master 00.00.02a. A default user 'User', which is in the 'Read Only User'…
PriorityP351high8.8CVSS 3.1
AVNACLPRLUINSUCHIHAH
EPSS
0.99%
58.2th percentile
A privilege escalation vulnerability exists in Delta Electronics InfraSuite Device Master 00.00.02a. A default user 'User', which is in the 'Read Only User' group, can view the password of another default user 'Administrator', which is in the 'Administrator' group. This allows any lower privileged user to log in as an administrator.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| deltaww | infrasuite_device_master | — | — |
CVSS provenance
nvdv3.18.8HIGHCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
osv8.8HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
OSV
gst-plugins-bad1.0 vulnerabilities
osv·2025-06-05·CVSS 8.8
CVE-2023-50186 gst-plugins-bad1.0 vulnerabilities
gst-plugins-bad1.0 vulnerabilities
It was discovered that the AV1 codec plugin in GStreamer could be made
to write out of bounds. An attacker could possibly use this issue to
cause applications using the plugin to crash, resulting in a denial of
service, or possibly execute arbitrary code. This issue only affected
Ubuntu 22.04 LTS. (CVE-2023-50186, CVE-2024-0444)
It was discovered that the H265 codec plugin in GStreamer could be made
to write out of bounds. An attacker could possibly use this issue to
cause applications using the plugin to crash, resulting in a denial of
service, or possibly execute arbitrary code. (CVE-2025-3887)
GHSA
GHSA-6q37-hw9r-5p8c: A privilege escalation vulnerability exists in Delta Electronics InfraSuite Device Master 00
ghsa_unreviewed·2023-01-26
CVE-2023-0444 [HIGH] GHSA-6q37-hw9r-5p8c: A privilege escalation vulnerability exists in Delta Electronics InfraSuite Device Master 00
A privilege escalation vulnerability exists in Delta Electronics InfraSuite Device Master 00.00.02a. A default user 'User', which is in the 'Read Only User' group, can view the password of another default user 'Administrator', which is in the 'Administrator' group. This allows any lower privileged user to log in as an administrator.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2023-01-26
Published