HTTP:Delta Industrial Automation DIAEnergie HandlerPageP_KID SQL Injection
This signature detects attempts to exploit a known vulnerability against Delta. A successful attack can lead to command injection and arbitrary code execution.
Extended Description
The HandlerPageP_KID class in Delta Electronics DIAEnergy v1.9 contains a SQL Injection flaw that could allow an attacker to gain code execution on a remote system.
Affected Products
Deltaww diaenergie
Short Name
HTTP:SQL:INJ:DELTA-IA-DIAENERGE
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
Automation CVE-2022-41133 CVE-2022-43774 CVE-2022-43775 CVE-2024-23494 CVE-2024-23975 CVE-2024-25574 CVE-2024-25937 CVE-2024-28040 CVE-2024-28891 CVE-2024-34032 CVE-2024-42417 DIAEnergie Delta HandlerPageP_KID Industrial Injection SQL
Release Date
11/21/2022
Supported Platforms
mx-19.3
vmx-19.3
vsrx-19.2
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-19.4
vsrx3bsd-19.4
srx-branch-19.4
vsrx-19.4
vmx-19.4
mx-19.4
srxevo-25.4
vsrx-26.2
srx-26.2
srx-branch-26.2
vsrx3bsd-26.2
mx-12.3
srx-12.3
srx-branch-12.3
vsrx-12.3
Sigpack Version
3757
False Positive
Unknown
Vendors
Deltaww