Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists that could allow an attacker to create or overwrite critical files that are used to execute code, such as programs or libraries and cause unauthenticated code execution. Affected Products: EcoStruxure Power Commission (Versions prior to V2.22)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Vulnerability Type
对路径名的限制不恰当(路径遍历)
Vulnerability Title
Schneider Electric EcoStruxure Power Build 路径遍历漏洞
Vulnerability Description
Schneider Electric EcoStruxure Power Build是法国施耐德电气(Schneider Electric)公司的一个用于配电管理软件。该软件帮助用户设计、构建、试运行、运行和维护电气装置。 Schneider Electric EcoStruxure Power Build 2.22之前版本存在路径遍历漏洞,该漏洞源于对目录路径名限制不当。
CVSS Information
N/A
Vulnerability Type
N/A