3 matches found
Schneider Electric IIoT Monitor (Update A)
1. EXECUTIVE SUMMARY CVSS v3 9.3 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Schneider Electric Equipment: IIoT Monitor --------- Begin Update A Part 1 of 2 -------- Vulnerabilities: Path Traversal, Unrestricted Upload of File with Dangerous Type, XXE, Cryptographic Issues...
CVE-2018-7835
An Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability exists in IIoT Monitor 3.1.38 which could allow access to files available to SYSTEM user...
CVE-2018-7835
Schneider Electric IIoT Monitor (versions 3.1.38 and older) contains a path traversal vulnerability (CVE-2018-7835) that may allow an attacker to access files reachable to the SYSTEM user. Multiple connected sources (ZDI-19-020, ICS-CERT Update A, CNVD-2019-03466) describe this as an improper val...