15 matches found
EUVD-2025-27614
Malicious code in bioql PyPI...
EUVD-2025-27485
Malicious code in bioql PyPI...
Schneider Electric Saitel DR & Saitel DP Remote Terminal Unit
RISK EVALUATION Successful exploitation of these vulnerabilities could enable an attacker to execute arbitrary shell commands on the affected devices. 2. RECOMMENDED PRACTICES CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures...
CVE-2025-9996
CWE-78: Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability exists that could cause the execution of any shell command when executing a netstat command using BLMon Console in an SSH session...
CVE-2025-9997
CWE-78: Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability exists that could cause command injection in BLMon that is executed in the operating system console when in a SSH session...
CVE-2025-9997
CWE-78: Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability exists that could cause command injection in BLMon that is executed in the operating system console when in a SSH session...
CVE-2025-9996
CWE-78: Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability exists that could cause the execution of any shell command when executing a netstat command using BLMon Console in an SSH session...
CVE-2025-9997
CWE-78: Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability exists that could cause command injection in BLMon that is executed in the operating system console when in a SSH session...
CVE-2025-9997
CVE-2025-9997 relates to an OS command injection in BLMon Console (Schneider Electric) triggered during SSH sessions when running netstat. The root cause is improper neutralization of special elements in OS commands (CWE-78), potentially allowing execution of arbitrary shell commands on the affec...
CVE-2025-9997
CWE-78: Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability exists that could cause command injection in BLMon that is executed in the operating system console when in a SSH session...
CVE-2025-9996
CWE-78: Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability exists that could cause the execution of any shell command when executing a netstat command using BLMon Console in an SSH session...
CVE-2025-9996
CVE-2025-9996 describes an OS command injection in Schneider Electric’s BLMon Console used in Saitel DR/DP remote terminal units. The root cause is improper neutralization of special elements in an OS command, enabling execution of arbitrary shell commands when netstat is run in an SSH session. T...
Vulnerabilities fixed in Schneider Electric Saitel
Schneider Electric has fixed vulnerabilities in Saitel components. The vulnerabilities are in how the BLMon Console handles special elements in operating system commands during SSH sessions. A malicious party could exploit these vulnerabilities to execute unauthorized shell commands, which could...
PT-2025-36978
Name of the Vulnerable Software and Affected Versions: BLMon Console affected versions not specified Description: An OS Command Injection issue exists due to improper neutralization of special elements used in an OS command. This could allow for the execution of arbitrary shell commands when...
PT-2025-36979
Name of the Vulnerable Software and Affected Versions: BLMon affected versions not specified Description: An OS Command Injection issue exists in BLMon that could allow command injection when executed in the operating system console during an SSH session. The issue is related to the improper...