CVE-2023-46690

Name of the Vulnerable Software and Affected Versions Delta Electronics InfraSuite Device Master version 1.0.7

Description A vulnerability exists in Delta Electronics InfraSuite Device Master that allows an attacker to write to any file in any location of the filesystem, potentially leading to remote code execution. This issue arises due to incorrect restriction of the directory path name with limited access. The exploitation of this vulnerability could enable a remote attacker to execute arbitrary code.

Recommendations For version 1.0.7, update to a newer version that contains a fix for this issue, as the current version allows for directory traversal and remote code execution. At the moment, there is no information about a newer version that contains a fix for this vulnerability.