Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a blind SQL injection vulnerability exists in DIAE_loopmapHandler.ashx. This allows an attacker to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands.
References
Link Resource
https://www.cisa.gov/uscert/ics/advisories/icsa-22-081-01 Mitigation Third Party Advisory US Government Resource
History

No history.

cve-icon MITRE Information

Status: PUBLISHED

Assigner: icscert

Published: 2022-03-22T00:00:00

Updated: 2022-04-29T16:26:06

Reserved: 2022-03-17T00:00:00


Link: CVE-2022-26887

JSON object: View

cve-icon NVD Information

Status : Analyzed

Published: 2022-03-29T17:15:16.287

Modified: 2022-06-29T20:51:06.883


Link: CVE-2022-26887

JSON object: View

cve-icon Redhat Information

No data.

CWE