Details of VAR-202601-2333

ID

VAR-202601-2333

CVE

CVE-2026-0975

TITLE

Delta Electronics, INC. of DIAView Command injection vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2026-001607

DESCRIPTION

Delta Electronics DIAView has Command Injection vulnerability. All information handled by the software may be rewritten. Furthermore, the software may stop working completely. Furthermore, attacks that exploit this vulnerability will not affect other software

Trust: 1.62

sources: NVD: CVE-2026-0975 // JVNDB: JVNDB-2026-001607

AFFECTED PRODUCTS

vendor:	deltaww	model:	diaview	scope:	lt	version:	4.4.0	Trust: 1.0
vendor:	delta	model:	diaview	scope:	eq	version:	-	Trust: 0.8
vendor:	delta	model:	diaview	scope:	-	version:	-	Trust: 0.8
vendor:	delta	model:	diaview	scope:	eq	version:	4.4.0	Trust: 0.8

sources: JVNDB: JVNDB-2026-001607 // NVD: CVE-2026-0975

CVSS

SEVERITY

CVSSV2

CVSSV3

759f5e80-c8e1-4224-bead-956d7b33c98b:	CVE-2026-0975
value:	HIGH
Trust: 1.0
nvd@nist.gov:	CVE-2026-0975
value:	CRITICAL
Trust: 1.0
NVD:	CVE-2026-0975
value:	CRITICAL
Trust: 0.8

759f5e80-c8e1-4224-bead-956d7b33c98b:	CVE-2026-0975
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.8
impactScore:	5.9
version:	3.1
Trust: 1.0
nvd@nist.gov:	CVE-2026-0975
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	5.9
version:	3.1
Trust: 1.0
NVD:	CVE-2026-0975
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: JVNDB: JVNDB-2026-001607 // NVD: CVE-2026-0975 // NVD: CVE-2026-0975

PROBLEMTYPE DATA

problemtype:	CWE-77	Trust: 1.0
problemtype:	Command injection (CWE-77) [ others ]	Trust: 0.8

sources: JVNDB: JVNDB-2026-001607 // NVD: CVE-2026-0975

PATCH

title:

VulnbyCola/Tenda/AX-1806/9/1.md at main 0-fool/VulnbyCola GitHub

url:

https://filecenter.deltaww.com/news/download/doc/Delta-PCSA-2026-00002_DIAView%20-Exposed%20Dangerous%20Method%20Remote%20Code%20Execution%20(CVE-2026-0975).pdf

Trust: 0.8

sources: JVNDB: JVNDB-2026-001607

EXTERNAL IDS

db:	NVD	id:	CVE-2026-0975	Trust: 2.6
db:	JVNDB	id:	JVNDB-2026-001607	Trust: 0.8

sources: JVNDB: JVNDB-2026-001607 // NVD: CVE-2026-0975

REFERENCES

url:	https://filecenter.deltaww.com/news/download/doc/delta-pcsa-2026-00002_diaview%20-exposed%20dangerous%20method%20remote%20code%20execution%20(cve-2026-0975).pdf	Trust: 1.0
url:	https://nvd.nist.gov/vuln/detail/cve-2026-0975	Trust: 0.8

sources: JVNDB: JVNDB-2026-001607 // NVD: CVE-2026-0975

SOURCES

db:	JVNDB	id:	JVNDB-2026-001607
db:	NVD	id:	CVE-2026-0975

LAST UPDATE DATE

2026-01-23T19:38:01.831000+00:00

SOURCES UPDATE DATE

db:	JVNDB	id:	JVNDB-2026-001607	date:	2026-01-22T02:28:00
db:	NVD	id:	CVE-2026-0975	date:	2026-01-20T19:20:21.723

SOURCES RELEASE DATE

db:	JVNDB	id:	JVNDB-2026-001607	date:	2026-01-22T00:00:00
db:	NVD	id:	CVE-2026-0975	date:	2026-01-16T06:15:51.187