A CWE-434 Unrestricted Upload of File with Dangerous Type vulnerability exists in EcoStruxure Building Operation WebReports V1.9 - V3.1 that could cause an authenticated remote user being able to upload arbitrary files due to incorrect verification of user supplied files and achieve remote code execution.
CPE | Name | Operator | Version |
---|---|---|---|
webreports | ge | 1.9 | |
webreports | le | 3.1 |