What the vulnerability does

01Description

WPLSoft in Delta Electronics versions 2.45.0 and prior utilizes a fixed length heap buffer where a value larger than the buffer can be read from a file into the buffer, causing the buffer to be overwritten, which may allow remote code execution or cause the application to crash.

Key dates

02Disclosure timeline

May 4, 2018 CVE published
September 16, 2024 Record updated