CVE-2022-41772

Name of the Vulnerable Software and Affected Versions Delta Electronics InfraSuite Device Master versions 00.00.01a and prior

Description The issue concerns the mishandling of .ZIP archives containing characters used in path traversal, which could result in remote code execution. This path traversal vulnerability may lead to unauthorized access and control of the system.

Recommendations For versions 00.00.01a and prior, consider restricting access to the ZIP archive handling functionality until a patch is available. As a temporary workaround, avoid using .ZIP archives containing characters that could be used in path traversal attacks. Restrict access to sensitive directories and files to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.