CVE-2024-4547

A SQLi vulnerability exists in Delta Electronics DIAEnergie v1.10.1.8610 and prior when CEBC.exe processes a 'RecalculateScript' message, which is splitted into 4 fields using the '~' character as the separator. An unauthenticated remote attacker can perform SQLi via the fourth field
Configurations

No configuration.

History

06 May 2024, 14:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-05-06 14:15

Updated : 2024-05-06 16:00


NVD link : CVE-2024-4547

Mitre link : CVE-2024-4547

CVE.ORG link : CVE-2024-4547


JSON object : View

Products Affected

No product.

CWE
CWE-20

Improper Input Validation