Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A CWE-20: Improper Input Validation vulnerability exists that could allow arbitrary files on the server to be read by authenticated users through a limited operating system service account. Affected Product: EcoStruxure Power Monitoring Expert (Versions 2020 and prior)
CVSS Information
N/A
Vulnerability Type
输入验证不恰当
Vulnerability Title
Schneider Electric EcoStruxure Power Monitoring Expert 输入验证错误漏洞
Vulnerability Description
Schneider Electric EcoStruxure Power Monitoring Expert是法国施耐德(Schneider Electric)公司的一个用于物联网环境中进行配电监控的设备。 Schneider Electric EcoStruxure Power Monitoring Expert 存在输入验证错误漏洞,该漏洞源于不正确的输入验证漏洞,该漏洞可能允许经过身份验证的用户通过有限的操作系统服务帐户读取服务器上的任意文件。
CVSS Information
N/A
Vulnerability Type
N/A