VYPR

DIALink

by Delta Industrial Automation

CVEs (2)

  • CVE-2022-2660CriDec 13, 2022
    risk 0.64cvss 9.8epss 0.01

    Delta Industrial Automation DIALink versions 1.4.0.0 and prior are vulnerable to the use of a hard-coded cryptographic key which could allow an attacker to decrypt sensitive data and compromise the machine.

  • CVE-2022-2969HigDec 1, 2022
    risk 0.53cvss 8.1epss 0.02

    Delta Industrial Automation DIALink versions prior to v1.5.0.0 Beta 4 uses an external input to construct a pathname intended to identify a file or directory located underneath a restricted parent directory. However, the software does not properly neutralize special elements…