Security Advisory

CVE-2024-4548

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-05-06 13:51:07

Last updated 2024-08-01 20:47:40

Assigner tenable

State PUBLISHED

Description

An SQLi vulnerability exists in Delta Electronics DIAEnergie v1.10.1.8610 and prior when CEBC.exe processes a RecalculateHDMWYC message, which is split into 4 fields using the ~ character as the separator. An unauthenticated remote attacker can perform SQLi via the fourth field.

← Browse all CVEs View on cve.org ↗