CVE-2023-39226

Name of the Vulnerable Software and Affected Versions Delta Electronics InfraSuite Device Master version 1.0.7

Description The issue is related to the use of dangerous methods or functions in the software, allowing a remote attacker to execute arbitrary code by sending a specially crafted UDP packet. This can be achieved through a single UDP packet, enabling an unauthenticated attacker to perform the exploit.

Recommendations For Delta Electronics InfraSuite Device Master version 1.0.7, consider disabling the vulnerable function or restricting access to the affected module until a patch is available. As a temporary workaround, avoid using the RunScript function to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.