CVE-2022-4616
Published: 13 January 2023
Summary
CVE-2022-4616 is a high-severity Command Injection (CWE-77) vulnerability in Deltaww Dx-3021L9 Firmware. Its CVSS base score is 7.2 (High).
Operationally, it is ranked in the top 2.9% of CVEs by exploit likelihood (EPSS); it is not currently listed in the CISA KEV catalog.
Deeper analysis
The vulnerability is a command injection flaw in the webserver component of Delta DX-3021 devices running firmware versions prior to 1.24. It resides in the network diagnosis page and is tracked under CWE-77, allowing manipulation of system commands through crafted input.
An unauthenticated remote attacker can exploit the issue over the network to add files, delete files, and alter file permissions on the affected device, resulting in high impact to confidentiality, integrity, and availability, even though the CVSS vector rates the privileges required as high.
Vendor firmware updates addressing the flaw are available from the Delta download center, and CISA has published advisory ICSA-22-354-05 with additional guidance for affected industrial control systems.
The associated EPSS score has remained flat at 0.3395, its peak to date, with no material upward movement since disclosure.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2022-51947
Vulnerability details
The webserver in Delta DX-3021 versions prior to 1.24 is vulnerable to command injection through the network diagnosis page. This vulnerability could allow a remote unauthenticated user to add files, delete files, and change file permissions.
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.