Version 1.0.7

CVE-2023-47279

In Delta Electronics InfraSuite Device Master v.1.0.7, A vulnerability exists that allows an unauthenticated attacker to disclose user information through a single UDP packet, obtain plaintext credentials, or perform NTLM relaying.

HIGH CVSS 7.5 Published Nov 30, 2023

CVE-2023-47207

In Delta Electronics InfraSuite Device Master v.1.0.7, a vulnerability exists that allows an unauthenticated attacker to execute code with local administrator privileges.

CRITICAL CVSS 9.8 Published Nov 30, 2023

CVE-2023-46690

In Delta Electronics InfraSuite Device Master v.1.0.7, a vulnerability exists that allows an attacker to write to any file to any location of the filesystem, which could lead to remote code execution.

HIGH CVSS 8.8 Published Nov 30, 2023

CVE-2023-39226

In Delta Electronics InfraSuite Device Master v.1.0.7, a vulnerability exists that allows an unauthenticated attacker to execute arbitrary code through a single UDP packet.

CRITICAL CVSS 9.8 Published Nov 30, 2023