Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A CWE-427 - Uncontrolled Search Path Element vulnerability exists that could allow an attacker with a local privileged account to place a specially crafted file on the target machine, which may give the attacker the ability to execute arbitrary code during the installation process initiated by a valid user. Affected Products: Easergy Builder Installer (1.7.23 and prior)
CVSS Information
CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H
Vulnerability Type
对搜索路径元素未加控制
Vulnerability Title
Schneider Electric Easergy Builder 代码问题漏洞
Vulnerability Description
Schneider Electric Easergy Builder是法国施耐德电气(Schneider Electric)公司的一套用于Easergy远程终端单元和控制器的配置软件。 Schneider Electric Easergy Builder 1.7.23及之前版本存在代码问题漏洞,该漏洞源于存在不受控制的搜索路径元素漏洞,攻击者利用该漏洞可能执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A