15 matches found
CVE-2021-22748
A CWE-22: Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability exists that could allow a remote code execution when a file is saved. Affected Product: C-Bus Toolkit V1.15.9 and prior, C-Gate Server V2.11.7 and prior...
EUVD-2021-9883
Malicious code in bioql PyPI...
EUVD-2021-9931
Malicious code in bioql PyPI...
CVE-2021-22796
A CWE-287: Improper Authentication vulnerability exists that could allow remote code execution when a malicious file is uploaded. Affected Product: C-Bus Toolkit V1.15.9 and prior, C-Gate Server V2.11.7 and prior...
CVE-2021-22796
A CWE-287: Improper Authentication vulnerability exists that could allow remote code execution when a malicious file is uploaded. Affected Product: C-Bus Toolkit V1.15.9 and prior, C-Gate Server V2.11.7 and prior...
CVE-2021-22796
A CWE-287: Improper Authentication vulnerability exists that could allow remote code execution when a malicious file is uploaded. Affected Product: C-Bus Toolkit V1.15.9 and prior, C-Gate Server V2.11.7 and prior...
CVE-2021-22748
A CWE-22: Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability exists that could allow a remote code execution when a file is saved. Affected Product: C-Bus Toolkit V1.15.9 and prior, C-Gate Server V2.11.7 and prior...
CVE-2021-22748
A CWE-22: Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability exists that could allow a remote code execution when a file is saved. Affected Product: C-Bus Toolkit V1.15.9 and prior, C-Gate Server V2.11.7 and prior...
Path traversal
A CWE-22: Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability exists that could allow a remote code execution when a file is saved. Affected Product: C-Bus Toolkit V1.15.9 and prior, C-Gate Server V2.11.7 and prior...
Authentication flaw
A CWE-287: Improper Authentication vulnerability exists that could allow remote code execution when a malicious file is uploaded. Affected Product: C-Bus Toolkit V1.15.9 and prior, C-Gate Server V2.11.7 and prior...
CVE-2021-22796
A CWE-287: Improper Authentication vulnerability exists that could allow remote code execution when a malicious file is uploaded. Affected Product: C-Bus Toolkit V1.15.9 and prior, C-Gate Server V2.11.7 and prior...
CVE-2021-22796
The CVE-2021-22796 entry concerns an improper authentication flaw that could allow remote code execution when a malicious file is uploaded. Affected products are Schneider Electric’s C-Bus Toolkit (versions 1.15.9 and earlier) and C-Gate Server (versions 2.11.7 and earlier). Root cause is CWE-287...
CVE-2021-22748
Summary: CVE-2021-22748 is a path traversal vulnerability (CWE-22) in Schneider Electric’s C‑Bus Toolkit (V1.15.9 and prior) and C‑Gate Server (V2.11.7 and prior) that could allow remote code execution when a file is saved. Multiple sources describe a network-exposed flaw with high impact (CVSSv3...
CVE-2021-22748
A CWE-22: Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability exists that could allow a remote code execution when a file is saved. Affected Product: C-Bus Toolkit V1.15.9 and prior, C-Gate Server V2.11.7 and prior...
Schneider Electric 多款产品授权问题漏洞
Schneider Electric C-Bus Toolkit is an application from Schneider Electric, France. It is used to run, configure and debug C-Bus installations on personal computers. An authorization issue vulnerability exists in several Schneider Electric products, which could allow remote code execution when a...