CVE-2023-1141

Name of the Vulnerable Software and Affected Versions Delta Electronics InfraSuite Device Master versions prior to 1.0.5

Description The issue is related to a command injection vulnerability that could allow an attacker to inject arbitrary commands, potentially resulting in remote code execution. The vulnerability is associated with inadequate data cleaning measures at the management level, which could be exploited by a remote attacker to execute arbitrary code.

Recommendations For Delta Electronics InfraSuite Device Master versions prior to 1.0.5, update to version 1.0.5 or later to resolve the command injection vulnerability. As a temporary workaround, consider restricting access to the command line interface to minimize the risk of exploitation.