CVE-2022-43452

SQL Injection in FtyInfoSetting.aspx in Delta Electronics DIAEnergie versions prior to v1.9.02.001 allows an attacker to inject SQL queries via Network
References
Link Resource
https://www.cisa.gov/uscert/ics/advisories/icsa-22-298-06 Mitigation Third Party Advisory US Government Resource
Configurations

Configuration 1 (hide)

cpe:2.3:a:deltaww:diaenergie:*:*:*:*:*:*:*:*

History

27 Oct 2023, 20:31

Type Values Removed Values Added
CWE CWE-89

27 Oct 2023, 00:15

Type Values Removed Values Added
CWE CWE-89
Summary SQL Injection in FtyInfoSetting.aspx in Delta Electronics DIAEnergie versions prior to v1.9.02.001 allows an attacker to inject SQL queries via Network SQL Injection in FtyInfoSetting.aspx in Delta Electronics DIAEnergie versions prior to v1.9.02.001 allows an attacker to inject SQL queries via Network

Information

Published : 2022-11-17 23:15

Updated : 2024-02-28 19:51


NVD link : CVE-2022-43452

Mitre link : CVE-2022-43452

CVE.ORG link : CVE-2022-43452


JSON object : View

Products Affected

deltaww

  • diaenergie
CWE
CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')