EUVD-2018-9653

Malware in sbrugna...

Fr. Sauter AG CASE Suite XML External Entity Injection Vulnerability

Fr. Sauter AG CASE Suite is a software development kit for building automation systems from Fr. Sauter AG, Switzerland. An XML external entity injection vulnerability exists in Fr. Sauter AG CASE Suite version 3.10 and earlier. A remote attacker could exploit this vulnerability to cause a file...

CVE-2018-17912

An XXE vulnerability exists in CASE Suite Versions 3.10 and prior when processing parameter entities, which may allow remote file disclosure...

CVE-2018-17912

An XXE vulnerability exists in CASE Suite Versions 3.10 and prior when processing parameter entities, which may allow remote file disclosure...

Remote file inclusion

An XXE vulnerability exists in CASE Suite Versions 3.10 and prior when processing parameter entities, which may allow remote file disclosure...

CVE-2018-17912

An XXE vulnerability exists in CASE Suite Versions 3.10 and prior when processing parameter entities, which may allow remote file disclosure...

CVE-2018-17912

CVE-2018-17912 describes an XML External Entity (XXE) vulnerability in Fr. Sauter AG CASE Suite versions 3.10 and earlier, triggered when processing parameter entities. The issue could allow remote file disclosure. Public details across connected records confirm the affected product (CASE Suite),...

Fr. Sauter AG CASE Suite

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Fr. Sauter AG Equipment: CASE Suite Vulnerability: Improper Restriction of XML External Entity Reference 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to...