Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A CWE-668: Exposure of Resource to Wrong Sphere vulnerability exists that could cause remote code execution when a valid user visits a malicious link provided through the web endpoints. Affected Products: EcoStruxure Control Expert (V15.1 and above)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Vulnerability Type
将资源暴露给错误范围
Vulnerability Title
Schneider Electric EcoStruxure Control Expert 安全漏洞
Vulnerability Description
Schneider Electric EcoStruxure Control Expert(前称Unity Pro)是法国施耐德电气(Schneider Electric)公司的一套用于Schneider Electric逻辑控制器产品的编程软件。 Schneider Electric EcoStruxure Control Expert V15.1版本存在安全漏洞,该漏洞源于存在资源暴露于错误领域的漏洞,攻击者利用该漏洞可能远程执行代码。
CVSS Information
N/A
Vulnerability Type
N/A