CVE-2022-4616

Name of the Vulnerable Software and Affected Versions Delta DX-3021 versions prior to 1.24

Description The webserver in Delta DX-3021 is vulnerable to command injection through the network diagnosis page. This issue could allow a remote unauthenticated user to add files, delete files, and change file permissions. The vulnerability exists due to insufficient input validation, which can be exploited by a remote attacker to modify data.

Recommendations For versions prior to 1.24, update to version 1.24 or later to resolve the issue. As a temporary workaround, consider restricting access to the network diagnosis page until a patch is available. Avoid using the network diagnosis page for sensitive operations until the issue is resolved.