CVE-2022-4616

HIGH

Delta DX-3021 <1.24 - Command Injection

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2022-4616. PoCs published by ahanel13.

AI-analyzed exploit summary This Python script automates the exploitation of CVE-2022-46169 by providing a pseudo-shell interface. It sends crafted payloads to a vulnerable server via the `remote_agent.php` endpoint and captures command output via a callback HTTP server.

Description

The webserver in Delta DX-3021 versions prior to 1.24 is vulnerable to command injection through the network diagnosis page. This vulnerability could allow a remote unauthenticated user to add files, delete files, and change file permissions.

Exploits (1)

nomisec WORKING POC
by ahanel13 · poc
https://github.com/ahanel13/CVE-2022-4616-POC

This Python script automates the exploitation of CVE-2022-46169 by providing a pseudo-shell interface. It sends crafted payloads to a vulnerable server via the `remote_agent.php` endpoint and captures command output via a callback HTTP server.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Cacti (version not explicitly specified, but likely <= 1.2.22)
No auth needed
Prerequisites: Network access to the target Cacti instance · Vulnerable `remote_agent.php` endpoint
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2

Scores

CVSS v3 7.2
EPSS 0.0476
EPSS Percentile 90.8%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

CWE
CWE-77
Status published
Products (1)
deltaww/dx-3021l9_firmware < 1.24
Published Jan 13, 2023
Tracked Since Feb 18, 2026