Deltaww Dialink
14 CVEs affecting Deltaww Dialink. Latest disclosed: 2025-09-11. Critical: 2, High: 6.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-58321 | Critical | 10.0 | 2025-09-11 | Delta Electronics DIALink has an Directory Traversal Authentication Bypass Vulnerability. |
CVE-2022-2660 | Critical | 9.8 | 2022-12-13 | Delta Industrial Automation DIALink versions 1.4.0.0 and prior are vulnerable to the use of a hard-coded cryptographic key which could allow an attacker to dec… |
CVE-2021-38418 | High | 8.8 | 2021-11-03 | Delta Electronics DIALink versions 1.2.4.0 and prior runs by default on HTTP, which may allow an attacker to be positioned between the traffic and perform a ma… |
CVE-2022-2969 | High | 8.1 | 2022-12-01 | Delta Industrial Automation DIALink versions prior to v1.5.0.0 Beta 4 uses an external input to construct a pathname intended to identify a file or directory l… |
CVE-2021-38422 | High | 7.8 | 2021-11-03 | Delta Electronics DIALink versions 1.2.4.0 and prior stores sensitive information in cleartext, which may allow an attacker to have extensive access to the app… |
CVE-2021-38420 | High | 7.8 | 2021-11-03 | Delta Electronics DIALink versions 1.2.4.0 and prior default permissions give extensive permissions to low-privileged user accounts, which may allow an attacke… |
CVE-2021-38416 | High | 7.8 | 2021-11-03 | Delta Electronics DIALink versions 1.2.4.0 and prior insecurely loads libraries, which may allow an attacker to use DLL hijacking and takeover the system where… |
CVE-2025-58320 | High | 7.3 | 2025-09-11 | Delta Electronics DIALink has an Directory Traversal Authentication Bypass Vulnerability. |
CVE-2021-38424 | Medium | 5.9 | 2021-11-03 | The tag interface of Delta Electronics DIALink versions 1.2.4.0 and prior is vulnerable to an attacker injecting formulas into the tag data. Those formulas may… |
CVE-2021-38488 | Medium | 5.5 | 2021-11-03 | Delta Electronics DIALink versions 1.2.4.0 and prior is vulnerable to cross-site scripting because an authenticated attacker can inject arbitrary JavaScript co… |
CVE-2021-38428 | Medium | 5.5 | 2021-11-03 | Delta Electronics DIALink versions 1.2.4.0 and prior is vulnerable to cross-site scripting because an authenticated attacker can inject arbitrary JavaScript co… |
CVE-2021-38411 | Medium | 5.5 | 2021-11-03 | Delta Electronics DIALink versions 1.2.4.0 and prior is vulnerable to cross-site scripting because an authenticated attacker can inject arbitrary JavaScript co… |
CVE-2021-38407 | Medium | 5.5 | 2021-11-03 | Delta Electronics DIALink versions 1.2.4.0 and prior is vulnerable to cross-site scripting because an authenticated attacker can inject arbitrary JavaScript co… |
CVE-2021-38403 | Medium | 5.5 | 2021-11-03 | Delta Electronics DIALink versions 1.2.4.0 and prior is vulnerable to cross-site scripting because an authenticated attacker can inject arbitrary JavaScript co… |