CVE-2022-29735
HIGHDelta Controls enteliTOUCH 3.40.3935 3.40.3706 3.33.4005 - Cross-Site Request Forgery
Title source: llmDescription
Delta Controls enteliTOUCH 3.40.3935, 3.40.3706, and 3.33.4005 allows attackers to execute arbitrary commands via a crafted HTTP request.
References (2)
Core 2
Core References
Vendor Advisory x_refsource_misc
https://www.deltacontrols.com/
Exploit, Third Party Advisory x_refsource_misc
https://www.zeroscience.mk/en/vulnerabilities/ZSL-2022-5702.php
Scores
CVSS v3
8.8
EPSS
0.0094
EPSS Percentile
56.7%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Details
CWE
CWE-352
Status
published
Products (3)
deltacontrols/entelitouch_firmware
3.33.4005
deltacontrols/entelitouch_firmware
3.40.3706
deltacontrols/entelitouch_firmware
3.40.3935
Published
Jun 02, 2022
Tracked Since
Feb 18, 2026