EUVD-2018-19518

Malware in sbrugna...

Unspecified Vulnerability in Schneider Electric StruxureWare Data Center Operation

Schneider Electric StruxureWare Data Center Operation is a suite of data center operations software from Schneider Electric, France. The software provides an instant overview of data center operations through inventory management, PUE calculations, real-time equipment alerts and location-based...

Path traversal

Data Center Operation allows for the upload of a zip file from its user interface to the server. A carefully crafted, malicious file could be mistakenly uploaded by an authenticated user via this feature which could contain path traversal file names. As such, it could allow for the arbitrary uplo...

CVE-2018-7806

Data Center Operation allows for the upload of a zip file from its user interface to the server. A carefully crafted, malicious file could be mistakenly uploaded by an authenticated user via this feature which could contain path traversal file names. As such, it could allow for the arbitrary uplo...

CVE-2018-7806

Schneider Electric StruxureWare Data Center Operation is affected by CVE-2018-7806 due to a ZipSlip-style path traversal vulnerability in its file-upload feature. A authenticated user can upload a crafted ZIP containing path traversal file names, which could cause arbitrary files to be written to...

CVE-2018-7806

Data Center Operation allows for the upload of a zip file from its user interface to the server. A carefully crafted, malicious file could be mistakenly uploaded by an authenticated user via this feature which could contain path traversal file names. As such, it could allow for the arbitrary uplo...