Security Advisory: Remote Code Execution in Delta Electronics DVW Devices
This security advisory highlights critical vulnerabilities in Delta Electronics’ DVW industrial Ethernet routers, revealed using ONEKEY’s binary zero-day identification feature. The vulnerabilities, affecting all firmware versions, include command injections and buffer overflows that could lead to remote code execution. Despite the end-of-life (EOL) status of these devices, which means no patches will be issued, it is advised to limit access to the administrative interface to prevent exploitation.