Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Schneider Electric Vijeo Citect 7.20 and earlier, CitectSCADA 7.20 and earlier, and PowerLogic SCADA 7.20 and earlier allow remote attackers to read arbitrary files, send HTTP requests to intranet servers, or cause a denial of service (CPU and memory consumption) via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Schneider Electric Vijeo Citect/CitectSCADA/PowerLogic SCADA XML外部实体注入漏洞
Vulnerability Description
Schneider Electric Vijeo Citect、CitectSCADA和PowerLogic SCADA都是法国施耐德电气(Schneider Electric)公司的在数据采集与监控系统(SCADA)中提供监视和控制功能的软件。 Schneider Electric Vijeo Citect 7.20及之前的版本,CitectSCADA 7.20及之前的版本,PowerLogic SCADA 7.20及之前的版本中存在XML外部实体注入漏洞。远程攻击者可通过包含外部实体声明和实体引用结合
CVSS Information
N/A
Vulnerability Type
N/A