CVE-2022-4616

Summary

The webserver in Delta DX-3021 versions prior to 1.24 is vulnerable to command injection through the network diagnosis page. This vulnerability could allow a remote unauthenticated user to add files, delete files, and change file permissions.

Affected Software

VendorProductVersion RangeStatus
Delta Industrial Automation4G Router DX-30210 < 1.24affected

Weaknesses

  • CWE-77: CWE-77 Command Injection

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References