Sign-up

ID

VAR-202211-0095


CVE

CVE-2022-2969


TITLE

Delta Industrial Automation DIALink Directory Traversal Arbitrary File Creation Vulnerability

Trust: 0.7

sources: ZDI: ZDI-23-671

DESCRIPTION

Delta Industrial Automation DIALink versions prior to v1.5.0.0 Beta 4 uses an external input to construct a pathname intended to identify a file or directory located underneath a restricted parent directory. However, the software does not properly neutralize special elements within the pathname, which can cause the pathname to resolve to a location outside of the restricted directory. This vulnerability allows remote attackers to create arbitrary files on affected installations of Delta Industrial Automation DIALink. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.The specific flaw exists within the opcua endpoint of the web service, which listens on TCP port 5000 by default. When parsing the filename parameter, the process does not properly validate a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to create files in the context of the web service. Delta Electronics Industrial Automation DIALink is an industrial automation IoT device from Delta Electronics, Taiwan, China

Trust: 2.16

sources: NVD: CVE-2022-2969 // ZDI: ZDI-23-671 // CNNVD: CNNVD-202211-2069 // VULMON: CVE-2022-2969

AFFECTED PRODUCTS

vendor:deltawwmodel:dialinkscope:eqversion:1.5.0.0

Trust: 1.0

vendor:deltawwmodel:dialinkscope:ltversion:1.5.0.0

Trust: 1.0

vendor:deltamodel:dialinkscope: - version: -

Trust: 0.7

sources: ZDI: ZDI-23-671 // NVD: CVE-2022-2969

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2022-2969
value: HIGH

Trust: 1.0

ics-cert@hq.dhs.gov: CVE-2022-2969
value: HIGH

Trust: 1.0

ZDI: CVE-2022-2969
value: HIGH

Trust: 0.7

CNNVD: CNNVD-202211-2069
value: HIGH

Trust: 0.6

nvd@nist.gov: CVE-2022-2969
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: HIGH
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.1

Trust: 1.0

ics-cert@hq.dhs.gov: CVE-2022-2969
baseSeverity: HIGH
baseScore: 8.1
vectorString: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 5.2
version: 3.1

Trust: 1.0

ZDI: CVE-2022-2969
baseSeverity: HIGH
baseScore: 8.1
vectorString: AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 5.2
version: 3.0

Trust: 0.7

sources: ZDI: ZDI-23-671 // CNNVD: CNNVD-202211-2069 // NVD: CVE-2022-2969 // NVD: CVE-2022-2969

PROBLEMTYPE DATA

problemtype:CWE-22

Trust: 1.0

sources: NVD: CVE-2022-2969

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202211-2069

TYPE

path traversal

Trust: 0.6

sources: CNNVD: CNNVD-202211-2069

PATCH

title:Delta Electronics has issued an update to correct this vulnerability.url:https://www.cisa.gov/news-events/ics-advisories/icsa-22-307-03

Trust: 0.7

sources: ZDI: ZDI-23-671

EXTERNAL IDS

db:NVDid:CVE-2022-2969

Trust: 2.4

db:ICS CERTid:ICSA-22-307-03

Trust: 1.7

db:ZDI_CANid:ZDI-CAN-16888

Trust: 0.7

db:ZDIid:ZDI-23-671

Trust: 0.7

db:AUSCERTid:ESB-2022.5578

Trust: 0.6

db:CNNVDid:CNNVD-202211-2069

Trust: 0.6

db:VULMONid:CVE-2022-2969

Trust: 0.1

sources: ZDI: ZDI-23-671 // VULMON: CVE-2022-2969 // CNNVD: CNNVD-202211-2069 // NVD: CVE-2022-2969

REFERENCES

url:https://www.cisa.gov/uscert/ics/advisories/icsa-22-307-03

Trust: 1.8

url:https://www.cisa.gov/news-events/ics-advisories/icsa-22-307-03

Trust: 0.7

url:https://cxsecurity.com/cveshow/cve-2022-2969/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.5578

Trust: 0.6

url:https://cwe.mitre.org/data/definitions/22.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

sources: ZDI: ZDI-23-671 // VULMON: CVE-2022-2969 // CNNVD: CNNVD-202211-2069 // NVD: CVE-2022-2969

CREDITS

Y4er

Trust: 0.7

sources: ZDI: ZDI-23-671

SOURCES

db:ZDIid:ZDI-23-671
db:VULMONid:CVE-2022-2969
db:CNNVDid:CNNVD-202211-2069
db:NVDid:CVE-2022-2969

LAST UPDATE DATE

2024-08-14T14:49:31.296000+00:00


SOURCES UPDATE DATE

db:ZDIid:ZDI-23-671date:2023-05-17T00:00:00
db:VULMONid:CVE-2022-2969date:2022-12-01T00:00:00
db:CNNVDid:CNNVD-202211-2069date:2022-12-08T00:00:00
db:NVDid:CVE-2022-2969date:2022-12-07T14:34:35.657

SOURCES RELEASE DATE

db:ZDIid:ZDI-23-671date:2023-05-17T00:00:00
db:VULMONid:CVE-2022-2969date:2022-12-01T00:00:00
db:CNNVDid:CNNVD-202211-2069date:2022-11-04T00:00:00
db:NVDid:CVE-2022-2969date:2022-12-01T18:15:10.207