3 matches found
Schneider Electric SpaceLogic C-Bus Toolkit
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION : Exploitable remotely/low attack complexity Vendor : Schneider Electric Equipment : SpaceLogic C-Bus Toolkit Vulnerabilities : Improper Privilege Management, Path Traversal 2. RISK EVALUATION Successful exploitation of these vulnerabilities...
CVE-2023-5399
A CWE-22: Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability exists that could cause tampering of files on the personal computer running C-Bus when using the File Command...
CVE-2023-5399
Schneider Electric C-Bus Toolkit (SpaceLogic C-Bus Toolkit) contains a path traversal flaw in the FileCommand feature that can allow unauthenticated remote code execution. The root cause is improper validation of a user-supplied path prior to file operations, enabling an attacker to tamper with f...