URL Decoding Vulnerability in Delta Electronics InfraSuite Device Master

URL Decoding Vulnerability in Delta Electronics InfraSuite Device Master

CVE-2023-1142 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

In Delta Electronics InfraSuite Device Master versions prior to 1.0.5, an attacker could use URL decoding to retrieve system files, credentials, and bypass authentication resulting in privilege escalation.

Learn more about our Web Application Penetration Testing UK.