Описание
Delta Electronics InfraSuite Device Master versions prior to 1.0.5 are affected by a deserialization vulnerability targeting the Device-gateway service, which could allow deserialization of requests prior to authentication, resulting in remote code execution.
Ссылки
- Third Party AdvisoryUS Government Resource
- Third Party AdvisoryUS Government Resource
Уязвимые конфигурации
EPSS
8.8 High
CVSS3
Дефекты
Связанные уязвимости
Delta Electronics InfraSuite Device Master versions prior to 1.0.5 are affected by a deserialization vulnerability targeting the Device-gateway service, which could allow deserialization of requests prior to authentication, resulting in remote code execution.
Уязвимость программного продукта для мониторинга устройств в реальном времени Delta Electronics InfraSuite Device Master, связанная с недостатками механизма десериализации, позволяющая нарушителю выполнить произвольный код
EPSS
8.8 High
CVSS3