Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a blind SQL injection vulnerability exists in HandlerECC.ashx. This allows an attacker to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands.
References
Link Resource
https://www.cisa.gov/uscert/ics/advisories/icsa-22-081-01 Mitigation Third Party Advisory US Government Resource
History

No history.

cve-icon MITRE Information

Status: PUBLISHED

Assigner: icscert

Published: 2022-03-22T00:00:00

Updated: 2022-04-29T16:27:49

Reserved: 2022-03-17T00:00:00


Link: CVE-2022-26666

JSON object: View

cve-icon NVD Information

Status : Analyzed

Published: 2022-03-29T17:15:16.020

Modified: 2022-06-29T20:50:56.547


Link: CVE-2022-26666

JSON object: View

cve-icon Redhat Information

No data.

CWE