Unrated severityNVD Advisory· Published Nov 3, 2021· Updated Sep 16, 2024
Delta Electronics DIALink
CVE-2021-38411
Description
Delta Electronics DIALink versions 1.2.4.0 and prior is vulnerable to cross-site scripting because an authenticated attacker can inject arbitrary JavaScript code into the parameter deviceName of the API modbusWriter-Reader, which may allow an attacker to remotely execute code.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2<=1.2.4.0+ 1 more
- (no CPE)range: <=1.2.4.0
- (no CPE)range: All
Patches
Vulnerability mechanics
References
1- us-cert.cisa.gov/ics/advisories/icsa-21-294-02mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.