5 matches found
CVE-2021-22795
A CWE-78 Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability exists that could cause remote code execution when performed over the network. Affected Product: StruxureWare Data Center Expert V7.8.1 and prior...
CVE-2021-22795
A CWE-78 Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability exists that could cause remote code execution when performed over the network. Affected Product: StruxureWare Data Center Expert V7.8.1 and prior...
CVE-2021-22795
The CVE-2021-22795 entry affects Schneider Electric StruxureWare Data Center Expert (versions 7.8.1 and earlier) and is an OS Command Injection (CWE-78) vulnerability that could allow remote code execution over the network. Some sources indicate authentication may be required to exploit, while CV...
Schneider Electric Struxureware Data Center Expert Command Injection (CVE-2021-22795)
A command-injection vulnerability exists in Schneider Electric Struxureware Data Center Expert. The vulnerability is due to improper validation of user-supplied input...
Schneider Electric Struxureware Data Center Expert
1. EXECUTIVE SUMMARY CVSS v3 9.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: Schneider Electric Equipment: Struxureware Data Center Expert Vulnerabilities: OS Command Injection, Path Traversal 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow remote...