Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A CWE-434 Unrestricted Upload of File with Dangerous Type vulnerability exists in EcoStruxure Building Operation WebReports V1.9 - V3.1 that could cause an authenticated remote user being able to upload arbitrary files due to incorrect verification of user supplied files and achieve remote code execution.
CVSS Information
N/A
Vulnerability Type
危险类型文件的不加限制上传
Vulnerability Title
Schneider Electric EcoStruxure Building Operation WebReports 代码问题漏洞
Vulnerability Description
施耐德电气 Schneider Electric EcoStruxure Building Operation WebReports是法国施耐德电气公司的一个企业级楼宇控制系统的基于Web的控制平台。 Schneider Electric EcoStruxure Building Operation WebReports 1.9版本至3.1版本存在代码问题漏洞,该漏洞源于允许通过认证的远程用户由于对用户提供的文件进行不正确的验证而能够上传任意文件,从而实现远程代码执行。
CVSS Information
N/A
Vulnerability Type
N/A