Unrated severityNVD Advisory· Published Nov 3, 2021· Updated Sep 17, 2024
Delta Electronics DIALink
CVE-2021-38407
Description
Delta Electronics DIALink versions 1.2.4.0 and prior is vulnerable to cross-site scripting because an authenticated attacker can inject arbitrary JavaScript code into the parameter name of the API devices, which may allow an attacker to remotely execute code.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2<=1.2.4.0+ 1 more
- (no CPE)range: <=1.2.4.0
- (no CPE)range: All
Patches
Vulnerability mechanics
References
1- us-cert.cisa.gov/ics/advisories/icsa-21-294-02mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.