cbcvebase.
CVE-2023-1137
published 2023-03-27

CVE-2023-1137: Delta Electronics InfraSuite Device Master versions prior to 1.0.5 contain a vulnerability in which a low-level user could extract files and plaintext…

PriorityP352high8.8CVSS 3.1
AVNACLPRLUINSUCHIHAH
EPSS
0.55%
41.8th percentile
Delta Electronics InfraSuite Device Master versions prior to 1.0.5 contain a vulnerability in which a low-level user could extract files and plaintext credentials of administrator users, resulting in privilege escalation.

Affected

9 ranges
VendorProductVersion rangeFixed in
delta_electronicsinfrasuite_device_master< 1.0.51.0.5
deltawwinfrasuite_device_master< 1.0.51.0.5
linuxlinux_kernel>= 2.6.16 < 4.14.3234.14.323
linuxlinux_kernel>= 4.15.0 < 4.19.2924.19.292
linuxlinux_kernel>= 4.20.0 < 5.4.2545.4.254
linuxlinux_kernel>= 5.11.0 < 5.15.1275.15.127
linuxlinux_kernel>= 5.16.0 < 6.1.466.1.46
linuxlinux_kernel>= 5.5.0 < 5.10.1915.10.191
linuxlinux_kernel>= 6.2.0 < 6.4.116.4.11

CVSS provenance

nvdv3.18.8HIGHCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
vendor_redhat5.5LOW
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.