CVE-2023-5461

Published: Oct 9, 2023Modified: Nov 21, 2024

5.9

Vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

Exploitability: 2.2 / Impact: 3.6

Source: NVD

Description

A vulnerability was found in Delta Electronics WPLSoft 2.51. It has been classified as problematic. Affected is an unknown function of the component Modbus Handler. The manipulation leads to cleartext transmission of sensitive information. It is possible to launch the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-241584. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Affected (1)

Products: Deltaww: Wplsoft

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Deltaww Wplsoft	Version 2.51

Related CWEs

Cleartext Transmission of Sensitive Information

The product transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors.

References (6)

https://drive.google.com/drive/folders/17nBJt3tejqipE_L-lMEhYXeGhG0eii-_

Source: cna@vuldb.com

Permissions Required

https://vuldb.com/?ctiid.241584

Source: cna@vuldb.com

Permissions RequiredThird Party Advisory

https://vuldb.com/?id.241584

Source: cna@vuldb.com

Third Party Advisory

https://drive.google.com/drive/folders/17nBJt3tejqipE_L-lMEhYXeGhG0eii-_

Source: af854a3a-2127-422b-91ae-364da2661108

Permissions Required

https://vuldb.com/?ctiid.241584

Source: af854a3a-2127-422b-91ae-364da2661108

Permissions RequiredThird Party Advisory

https://vuldb.com/?id.241584

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

Timeline

No history available yet.