CVE-2024-4548

CVSS V2 None CVSS V3 None
Description
An SQLi vulnerability exists in Delta Electronics DIAEnergie v1.10.1.8610 and prior when CEBC.exe processes a 'RecalculateHDMWYC' message, which is split into 4 fields using the '~' character as the separator. An unauthenticated remote attacker can perform SQLi via the fourth field.
Overview
  • CVE ID
  • CVE-2024-4548
  • Assigner
  • tenable
  • Vulnerability Status
  • PUBLISHED
  • Published Version
  • 2024-05-06T13:51:07.049Z
  • Last Modified Date
  • 2024-06-20T20:06:39.622Z
References
History
Created Old Value New Value Data Type Notes
2024-06-23 22:15:24 Added to TrackCVE