24 matches found
EcoStruxure IT Data Center Expert <= 9.0 Use of Hard-coded Credentials (SEVD-2026-069-05)
The version of EcoStruxure IT Data Center Expert installed on the remote host is 9.0 or prior. It is, therefore, affected by a vulnerability as referenced in the SEVD-2026-069-05 advisory. - Use of Hard-coded Credentials vulnerability exists that could cause information disclosure and remote code...
EcoStruxure-IT-Data-Center-exploit
EcoStruxure IT Data Center Expert Exploit Authenticated RCE...
EcoStruxure IT Data Center Expert <= 8.3 Multiple Vulnerabilities (SEVD-2025-189-01)
The version of EcoStruxure IT Data Center Expert installed on the remote host is prior to 9.0. It is, therefore, affected by multiple vulnerabilities as referenced in the apsb25-36 advisory. - A CWE-78: Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection'...
EcoStruxure IT Data Center Expert Detection
Binary data ecostruxureitdatacenterexpertdetect.nbin...
Schneider Electric EcoStruxure IT Data Center Expert Server-Side Request Forgery Vulnerability
Schneider Electric EcoStruxure IT Data Center Expert is a scalable monitoring software from Schneider Electric France that collects, organizes, and distributes critical device information to provide a comprehensive view of devices. A server-side request forgery vulnerability exists in Schneider...
CISA Releases Nine Industrial Control Systems Advisories
CISA released nine Industrial Control Systems ICS advisories on July 22, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-203-01 DuraComm DP-10iN-100-MU ICSA-25-203-02 Lantronix Provisioning Manager...
Schneider Electric EcoStruxure IT Data Center Expert 安全特征问题漏洞
Schneider Electric EcoStruxure IT Data Center Expert is a scalable monitoring software from Schneider Electric France that collects, organizes, and distributes critical device information to provide a comprehensive view of devices. Schneider Electric EcoStruxure IT Data Center Expert suffers from...
Schneider Electric EcoStruxure IT Data Center Expert 代码注入漏洞
Schneider Electric EcoStruxure IT Data Center Expert is a scalable monitoring software from Schneider Electric France that collects, organizes, and distributes critical device information to provide a comprehensive view of devices. A code injection vulnerability exists in Schneider Electric...
Schneider Electric EcoStruxure IT Data Center Expert 代码问题漏洞
Schneider Electric EcoStruxure IT Data Center Expert is a scalable monitoring software from Schneider Electric France that collects, organizes, and distributes critical device information to provide a comprehensive view of devices. A server-side request forgery vulnerability exists in Schneider...
📄 Schneider Electric EcoStruxure IT Data Center Expert 8.3 Root Password Discovery
Schneider Electric EcoStruxure IT Data Center Expert versions 8.3 and below use logic contained within a JAR file and the MAC address to compute a "random" password for the root account. With access to the JAR file and knowledge of the MAC address, it is possible to determine the root password...
📄 Schneider Electric EcoStruxure IT Data Center Expert 8.3 Privilege Escalation
Schneider Electric EcoStruxure IT Data Center Expert versions 8.3 and below contain a Charon executable that can be used by a low-privileged attacker to obtain root privileges. The Charon executable and configuration appears to be a local method for adding and removing services that run within th...
📄 Schneider Electric EcoStruxure IT Data Center Expert 8.3 Remote Command Execution
Schneider Electric EcoStruxure IT Data Center Expert versions 8.3 and below have a configuration modification issue where sufficient input sanitization is not performed on the value provided for the hostname of the appliance. The hostname variable can include a command terminator and subsequent...
Schneider Electric EcoStruxure IT Data Center Expert Unauthenticated Remote Code Execution
Vulnerability Details Affected Vendor: Schneider Electric Affected Product: EcoStruxure IT Data Center Expert Affected Version: 8.3 and prior Platform: CentOS CWE Classification: CWE-23: Relative Path Traversal, CWE-78: Improper Neutralization of Special Elements used in an OS Command 'OS...
Schneider Electric EcoStruxure IT Data Center Expert Root Password Discovery
Vulnerability Details Affected Vendor: Schneider Electric Affected Product: EcoStruxure IT Data Center Expert Affected Version: 8.3 and prior Platform: CentOS CWE Classification: CWE-6311: Insufficient Entropy CVE ID: CVE-2025-50122 2. Vulnerability Description The Data Center Expert "DCE"...
Schneider Electric EcoStruxure IT Data Center Expert Remote Command Execution
Vulnerability Details Affected Vendor: Schneider Electric Affected Product: EcoStruxure IT Data Center Expert Affected Version: 8.3 and prior Platform: CentOS CWE Classification: CWE-1286: Improper Validation of Syntactic Correctness of Input, CWE-94: Improper Control of Generation of Code 'Code...
Schneider Electric EcoStruxure IT Data Center Expert Unauthenticated Server-Side Request Forgery
Vulnerability Details Affected Vendor: Schneider Electric Affected Product: EcoStruxure IT Data Center Expert Affected Version: 8.3 and prior Platform: CentOS CWE Classification: CWE-918: Server-Side Request Forgery SSRF CVE ID: CVE-2025-50125 2. Vulnerability Description The Data Center Expert...
Schneider Electric EcoStruxure IT Data Center Expert XML External Entities Injection
Vulnerability Details Affected Vendor: Schneider Electric Affected Product: EcoStruxure IT Data Center Expert Affected Version: 8.3 and prior Platform: CentOS CWE Classification: CWE-611: Improper Restriction of XML External Entity Reference CVE ID: CVE-2025-6438 2. Vulnerability Description The...
Schneider Electric EcoStruxure IT Data Center Expert Privilege Escalation
Vulnerability Details Affected Vendor: Schneider Electric Affected Product: EcoStruxure IT Data Center Expert Affected Version: 8.3 and prior Platform: CentOS CWE Classification: CWE-266: Incorrect Privilege Assignment CVE ID: CVE-2025-50124 2. Vulnerability Description The Data Center Expert...
Schneider Electric EcoStruxure IT Gateway 安全漏洞
Schneider Electric EcoStruxure IT Gateway is a suite of cloud-based data center management-as-a-service DMaaS offerings from Schneider Electric, a French company. A security vulnerability exists in Schneider Electric EcoStruxure IT Gateway that stems from a lack of authorization vulnerability tha...
Schneider Electric EcoStruxure IT Gateway Hard-Coded Credentials Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Schneider Electric EcoStruxure IT Gateway. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists...