4 matches found
CVE-2023-25549
A CWE-94: Improper Control of Generation of Code 'Code Injection' vulnerability exists that allows for remote code execution when using a parameter of the DCE network settings endpoint. Affected products: StruxureWare Data Center Expert V7.9.2 and prior...
CVE-2023-25549
A CWE-94: Improper Control of Generation of Code 'Code Injection' vulnerability exists that allows for remote code execution when using a parameter of the DCE network settings endpoint. Affected products: StruxureWare Data Center Expert V7.9.2 and prior...
CVE-2023-25549
A CWE-94: Improper Control of Generation of Code 'Code Injection' vulnerability exists that allows for remote code execution when using a parameter of the DCE network settings endpoint. Affected products: StruxureWare Data Center Expert V7.9.2 and prior...
CVE-2023-25549
Schneider Electric StruxureWare Data Center Expert (versions prior to 7.9.2) contains a CWE-94 code-injection flaw that allows remote code execution via a parameter of the DCE network settings endpoint. Exploitation details are not elaborated in the provided documents, but the issue is described ...