Rewterz Threat Advisory – ICS – Multiple Delta Electronics DIAEnergie Vulnerabilities

Severity

High

Analysis Summary

CVE-2021-32955

Delta Electronics DIAEnergie could allow a remote attacker to upload arbitrary files, caused by the improper validation of file extensions. A remote attacker could exploit this vulnerability to upload a malicious PHP script, which could allow the attacker to execute arbitrary PHP code on the vulnerable system.

CVE-2021-32983

Delta Electronics DIAEnergie is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements to the /DataHandler/Handler_CFG.ashx endpoint using the keyword parameter, which could allow the attacker to view, add, modify or delete information in the back-end database.

CVE-2021-32991

Delta Electronics DIAEnergie is vulnerable to cross-site request forgery, caused by improper validation of user-supplied input. By persuading an authenticated user to visit a malicious Web site, a remote attacker could send a malformed HTTP request to carry out unintended actions. An attacker could exploit this vulnerability to perform cross-site scripting attacks, Web cache poisoning, and other malicious activities.

CVE-2021-33003

Delta Electronics DIAEnergie could allow a locally authenticated attacker to obtain sensitive information, caused by a weak hashing algorithm. An attacker could exploit this vulnerability to retrieve passwords in cleartext and obtain sensitive information.

CVE-2021-38390

Delta Electronics DIAEnergie is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements to the /DataHandler/HandlerEnergyType.ashx endpoint using the egyid parameter, which could allow the attacker to view, add, modify or delete information in the back-end database.

CVE-2021-38391

Delta Electronics DIAEnergie is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements to the /DataHandler/AM/AM_Handler.ashx endpoint using the type parameter, which could allow the attacker to view, add, modify or delete information in the back-end database.

CVE-2021-38393

Delta Electronics DIAEnergie is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements to the /DataHandler/HandlerAlarmGroup.ashx endpoint using the agid parameter, which could allow the attacker to view, add, modify or delete information in the back-end database.
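As an added example (not code from Rewterz, Delta Electronics or the ICS-CERT advisory), the following Python script reviews web access logs for requests to the four SQL injection endpoints listed above and flags values of the named parameters that do not look like plain identifiers or search words. The log layout, the allow-list pattern and the sample lines are assumptions constructed for illustration, and only parameters sent in the URL query string are visible to it.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Endpoint -> parameter pairs named in this advisory (paths compared in lowercase).
WATCHED = {
    "/datahandler/handler_cfg.ashx": "keyword",
    "/datahandler/handlerenergytype.ashx": "egyid",
    "/datahandler/am/am_handler.ashx": "type",
    "/datahandler/handleralarmgroup.ashx": "agid",
}
# Assumption: legitimate values are short identifiers or search words.
BENIGN = re.compile(r"[\w .-]{0,64}")

def flag_request(target):
    """Return (path, param, value) for watched parameters with unusual values."""
    parts = urlsplit(target)
    param = WATCHED.get(parts.path.lower())
    if param is None:
        return []
    hits = []
    # parse_qs percent-decodes values, so encoded quotes and semicolons are seen.
    for name, values in parse_qs(parts.query, keep_blank_values=True).items():
        if name.lower() == param:
            hits += [(parts.path, name, v) for v in values
                     if not BENIGN.fullmatch(v)]
    return hits

def scan(lines):
    """Scan log lines in the assumed 'client method target status' layout."""
    findings = []
    for line in lines:
        fields = line.split()
        if len(fields) < 4:
            continue  # skip malformed or truncated lines
        client, target = fields[0], fields[2]
        findings += [(client, *hit) for hit in flag_request(target)]
    return findings

# Constructed sample log lines (documentation addresses, not real traffic).
SAMPLE = [
    "192.0.2.10 GET /DataHandler/HandlerEnergyType.ashx?egyid=12 200",
    "192.0.2.44 GET /DataHandler/HandlerEnergyType.ashx?egyid=12%27%20OR%20%271%27%3D%271 200",
    "192.0.2.44 GET /DataHandler/Handler_CFG.ashx?keyword=pump%20room 200",
    "192.0.2.44 GET /datahandler/handleralarmgroup.ashx?agid=3%3B-- 500",
    "192.0.2.10 GET /Default.aspx?agid=3%27 200",
]

if __name__ == "__main__":
    for finding in scan(SAMPLE):
        print(finding)
```

Flagged requests are leads for review, not confirmed exploitation; tune the allow-list pattern to the values the application normally sends.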

Impact

  • Unauthorized Access
  • Data Manipulation
  • Exposure of Sensitive Data
  • SQL Injection

Affected Vendors

Delta Electronics

Affected Products

Delta Electronics DIAEnergie 1.7.5
Delta Electronics DIAEnergie 1.7.4

Remediation

Refer to the ICS-CERT advisory for patch, upgrade, or suggested workaround information:

https://us-cert.cisa.gov/ics/advisories/icsa-21-238-03