2024-05-06 13:48:08
tenable
PUBLISHED
A SQLi vulnerability exists in Delta Electronics DIAEnergie v1.10.1.8610 and prior when CEBC.exe processes a RecalculateScript message, which is splitted into 4 fields using the ~ character as the separator. An unauthenticated remote attacker can perform SQLi via the fourth field