CVE-2024-25574 | Delta Electronics DIAEnergie prior 1.10.00.005 GetDIAE_usListParameters sql injection (icsa-24-074-12)

Posted by Angelo Barbosa | Apr 1, 2024 | CVE

A vulnerability, which was classified as critical, was found in Delta Electronics DIAEnergie. Affected is the function GetDIAE_usListParameters. The manipulation leads to sql injection.

This vulnerability is traded as CVE-2024-25574. It is possible to launch the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-25574 | Delta Electronics DIAEnergie prior 1.10.00.005 GetDIAE_usListParameters sql injection (icsa-24-074-12)

Related Posts

CVE-2024-30603 | Tenda FH1203 2.0.1.6 saveParentControlInfo urls stack-based overflow

CVE-2024-3282 | WP Table Builder Plugin up to 1.5.0 on WordPress cross site scripting

CVE-2024-4220 | BeyondTrust BeyondInsight up to 23.0 information disclosure

CVE-2024-4329 | Thim Elementor Kit Plugin up to 1.1.9 on WordPress id cross site scripting