Showing 1 - 1 of 1

CVE-2023-1133

Status Candidate

Overview

Delta Electronics InfraSuite Device Master versions prior to 1.0.5 contain a vulnerability in which the Device-status service listens on port 10100/ UDP by default. The service accepts the unverified UDP packets and deserializes the content, which could allow an unauthenticated attacker to remotely execute arbitrary code.

Related Files

Delta Electronics InfraSuite Device Master Deserialization: Posted Jun 8, 2023; Authored by anonymous, Shelby Pace | Site metasploit.com; Delta Electronics InfraSuite Device Master versions below 1.0.5 have an unauthenticated .NET deserialization vulnerability within the ParseUDPPacket() method of the Device-Gateway-Status process. The ParseUDPPacket() method reads user-controlled packet data and eventually calls BinaryFormatter.Deserialize() on what it determines to be the packet header without appropriate validation, leading to unauthenticated code execution as the user running the Device-Gateway-Status process.; tags | exploit, code execution; advisories | CVE-2023-1133; SHA-256 | 9f0d3862f019202aea4e14692644ab8356967d12a61b6b3dc1c1b6df8ea0f48c; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 422 files
Ubuntu 110 files
Debian 31 files
Rahad Chowdhury 21 files
BugsBD Limited 21 files
Gentoo 18 files
tmrswrr 12 files
Google Security Research 7 files
Ph0s 5 files
R0ckE7 5 files

File Archives

Systems

AIX (429)
Apple (2,037)
BSD (375)
CentOS (57)
Cisco (1,926)
Debian (6,915)
Fedora (1,692)
FreeBSD (1,246)
Gentoo (4,379)
HPUX (880)
iOS (363)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (47,903)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (486)
RedHat (14,657)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,155)
UNIX (9,341)
UnixWare (187)
Windows (6,611)
Other

CVE-2023-1133

Overview

Related Files

File Archive:

December 2023

Top Authors In Last 30 Days

File Tags

File Archives

Systems