Unrated severityNVD Advisory· Published May 6, 2024· Updated Aug 1, 2024
Delta Electronics DIAEnergie Unauthenticated SQL Injection
CVE-2024-4547
Description
A SQLi vulnerability exists in Delta Electronics DIAEnergie v1.10.1.8610 and prior when CEBC.exe processes a 'RecalculateScript' message, which is splitted into 4 fields using the '~' character as the separator. An unauthenticated remote attacker can perform SQLi via the fourth field
Affected products
2- Range: <=1.10.1.8610
- Delta Electronics/DIAEnergiev5Range: 0
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1News mentions
0No linked articles in our index yet.