3 matches found
CVE-2025-50123
Schneider Electric EcoStruxure IT Data Center Expert (DCE) versions 8.3 and earlier are affected by CVE-2025-50123 due to insufficient sanitization of the hostname input in the .bcsetup script. The hostname value can pass a format check yet include a semicolon and commands, causing those OS comma...
CVE-2025-50123
creationtimestamp| type| source ---|---|--- 2025-07-10 01:48:46+00:00| seen| https://bsky.app/profile/jimbecher.bsky.social/post/3ltl7mhepzk2i 2025-07-22 10:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-25-203-06...
Schneider Electric EcoStruxure IT Data Center Expert Remote Command Execution
Vulnerability Details Affected Vendor: Schneider Electric Affected Product: EcoStruxure IT Data Center Expert Affected Version: 8.3 and prior Platform: CentOS CWE Classification: CWE-1286: Improper Validation of Syntactic Correctness of Input, CWE-94: Improper Control of Generation of Code 'Code...