CVE-2022-29733

Delta Controls enteliTOUCH 3.40.3935, 3.40.3706, and 3.33.4005 was discovered to transmit and store sensitive information in cleartext. This vulnerability allows attackers to intercept HTTP Cookie authentication credentials via a man-in-the-middle attack.
References
Link Resource
https://www.deltacontrols.com/ Vendor Advisory
https://www.zeroscience.mk/en/vulnerabilities/ZSL-2022-5704.php Exploit Third Party Advisory
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:o:deltacontrols:entelitouch_firmware:3.40.3935:*:*:*:*:*:*:*
cpe:2.3:o:deltacontrols:entelitouch_firmware:3.40.3706:*:*:*:*:*:*:*
cpe:2.3:o:deltacontrols:entelitouch_firmware:3.33.4005:*:*:*:*:*:*:*
cpe:2.3:h:deltacontrols:entelitouch:-:*:*:*:*:*:*:*

Information

Published : 2022-06-02 07:15

Updated : 2022-06-09 17:56


NVD link : CVE-2022-29733

Mitre link : CVE-2022-29733


JSON object : View

CWE
CWE-319

Cleartext Transmission of Sensitive Information

Advertisement

dedicated server usa

Products Affected

deltacontrols

  • entelitouch_firmware
  • entelitouch