Dialink

Submit a proposal Propose CVE/GCVE/GHSA reference

Approved changes feed: RSS · Atom

cpe:2.3:a:delta_electronics:dialink:*:*:*:*:*:*:*:*

part: a version: * update: *

VendorDelta Electronics (602ce746-0540-56a8-8888-ddeb939a1a97)
ProductDialink (d4392625-31ae-5d51-9ee6-087aeb158cc1)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from gcve-enriched-dumps CVE data

PURL mappings

PURLSourceLast updated
No PURL mappings for this CPE yet.

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2025-58321 vulnerable 2026-06-03 15:06:21.178177 DIALink - Directory Traversal Authentication Bypass Vulnerability
CRITICAL (10)
Delta Electronics DIALink has an Directory Traversal Authentication Bypass Vulnerability.
Published: 2025-09-11T08:50:12.379Z
Updated: 2025-09-11T14:36:18.886Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2025-58320 vulnerable 2026-06-03 15:06:21.176806 DIALink - Directory Traversal Authentication Bypass Vulnerability
HIGH (7.3)
Delta Electronics DIALink has an Directory Traversal Authentication Bypass Vulnerability.
Published: 2025-09-11T08:51:49.981Z
Updated: 2025-09-11T14:36:13.786Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-38488 vulnerable 2026-06-03 14:45:07.253329 Delta Electronics DIALink
MEDIUM (5.5)
Delta Electronics DIALink versions 1.2.4.0 and prior is vulnerable to cross-site scripting because an authenticated attacker can inject arbitrary JavaScript code into the parameter comment of the API events, which may allow an attacker to remotely execute code.
Published: 2021-11-03T19:05:54.595Z
Updated: 2024-09-17T03:13:03.362Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-38428 vulnerable 2026-06-03 14:45:01.984654 Delta Electronics DIALink
MEDIUM (5.5)
Delta Electronics DIALink versions 1.2.4.0 and prior is vulnerable to cross-site scripting because an authenticated attacker can inject arbitrary JavaScript code into the parameter name of the API schedule, which may allow an attacker to remotely execute code.
Published: 2021-11-03T19:05:41.591Z
Updated: 2024-09-17T02:56:47.240Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-38424 vulnerable 2026-06-03 14:45:01.974474 Delta Electronics DIALink
MEDIUM (5.9)
The tag interface of Delta Electronics DIALink versions 1.2.4.0 and prior is vulnerable to an attacker injecting formulas into the tag data. Those formulas may then be executed when it is opened with a spreadsheet application.
Published: 2021-11-03T19:05:22.305Z
Updated: 2024-09-16T20:41:42.309Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-38422 vulnerable 2026-06-03 14:45:01.969287 Delta Electronics DIALink
HIGH (7.8)
Delta Electronics DIALink versions 1.2.4.0 and prior stores sensitive information in cleartext, which may allow an attacker to have extensive access to the application directory and escalate privileges.
Published: 2021-11-03T19:05:10.286Z
Updated: 2024-09-16T17:47:43.779Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-38420 vulnerable 2026-06-03 14:45:01.968583 Delta Electronics DIALink
HIGH (7.8)
Delta Electronics DIALink versions 1.2.4.0 and prior default permissions give extensive permissions to low-privileged user accounts, which may allow an attacker to modify the installation directory and upload malicious files.
Published: 2021-11-03T19:05:35.434Z
Updated: 2024-09-16T18:08:35.145Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-38418 vulnerable 2026-06-03 14:45:01.967805 Delta Electronics DIALink
HIGH (8.8)
Delta Electronics DIALink versions 1.2.4.0 and prior runs by default on HTTP, which may allow an attacker to be positioned between the traffic and perform a machine-in-the-middle attack to access information without authorization.
Published: 2021-11-03T19:05:03.549Z
Updated: 2024-09-16T19:35:30.633Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-38416 vulnerable 2026-06-03 14:45:01.963660 Delta Electronics DIALink
HIGH (7.8)
Delta Electronics DIALink versions 1.2.4.0 and prior insecurely loads libraries, which may allow an attacker to use DLL hijacking and takeover the system where the software is installed.
Published: 2021-11-03T19:05:48.466Z
Updated: 2024-09-16T18:54:21.395Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-38411 vulnerable 2026-06-03 14:45:01.958049 Delta Electronics DIALink
MEDIUM (5.5)
Delta Electronics DIALink versions 1.2.4.0 and prior is vulnerable to cross-site scripting because an authenticated attacker can inject arbitrary JavaScript code into the parameter deviceName of the API modbusWriter-Reader, which may allow an attacker to remotely execute code.
Published: 2021-11-03T19:04:57.862Z
Updated: 2024-09-16T23:11:29.456Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-38407 vulnerable 2026-06-03 14:45:01.945687 Delta Electronics DIALink
MEDIUM (5.5)
Delta Electronics DIALink versions 1.2.4.0 and prior is vulnerable to cross-site scripting because an authenticated attacker can inject arbitrary JavaScript code into the parameter name of the API devices, which may allow an attacker to remotely execute code.
Published: 2021-11-03T19:05:29.498Z
Updated: 2024-09-17T00:02:16.946Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-38403 vulnerable 2026-06-03 14:45:01.940393 Delta Electronics DIALink
MEDIUM (5.5)
Delta Electronics DIALink versions 1.2.4.0 and prior is vulnerable to cross-site scripting because an authenticated attacker can inject arbitrary JavaScript code into the parameter supplier of the API maintenance, which may allow an attacker to remotely execute code.
Published: 2021-11-03T19:05:15.432Z
Updated: 2024-09-17T01:01:27.067Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.