Lucene search
K

24 matches found

Tenable Nessus
Tenable Nessus
added 2026/03/12 12:0 a.m.5 views

EcoStruxure IT Data Center Expert <= 9.0 Use of Hard-coded Credentials (SEVD-2026-069-05)

The version of EcoStruxure IT Data Center Expert installed on the remote host is 9.0 or prior. It is, therefore, affected by a vulnerability as referenced in the SEVD-2026-069-05 advisory. - Use of Hard-coded Credentials vulnerability exists that could cause information disclosure and remote code...

7.5CVSS6.3AI score0.00679EPSS
Exploits0References2
GithubExploit
GithubExploit
added 2025/11/07 7:52 p.m.162 views

EcoStruxure-IT-Data-Center-exploit

EcoStruxure IT Data Center Expert Exploit Authenticated RCE...

7.1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/07/29 12:0 a.m.6 views

EcoStruxure IT Data Center Expert <= 8.3 Multiple Vulnerabilities (SEVD-2025-189-01)

The version of EcoStruxure IT Data Center Expert installed on the remote host is prior to 9.0. It is, therefore, affected by multiple vulnerabilities as referenced in the apsb25-36 advisory. - A CWE-78: Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection'...

9.5CVSS6.5AI score0.15311EPSS
Exploits6References7
Tenable Nessus
Tenable Nessus
added 2025/07/29 12:0 a.m.5 views

EcoStruxure IT Data Center Expert Detection

Binary data ecostruxureitdatacenterexpertdetect.nbin...

7.3AI score
Exploits0References1
CNVD
CNVD
added 2025/07/25 12:0 a.m.5 views

Schneider Electric EcoStruxure IT Data Center Expert Server-Side Request Forgery Vulnerability

Schneider Electric EcoStruxure IT Data Center Expert is a scalable monitoring software from Schneider Electric France that collects, organizes, and distributes critical device information to provide a comprehensive view of devices. A server-side request forgery vulnerability exists in Schneider...

6.3CVSS6.8AI score0.00463EPSS
Exploits2References1
CISA
CISA
added 2025/07/22 12:0 p.m.12 views

CISA Releases Nine Industrial Control Systems Advisories

CISA released nine Industrial Control Systems ICS advisories on July 22, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-203-01 DuraComm DP-10iN-100-MU ICSA-25-203-02 Lantronix Provisioning Manager...

7AI score
Exploits0References9
CNNVD
CNNVD
added 2025/07/11 12:0 a.m.4 views

Schneider Electric EcoStruxure IT Data Center Expert 安全特征问题漏洞

Schneider Electric EcoStruxure IT Data Center Expert is a scalable monitoring software from Schneider Electric France that collects, organizes, and distributes critical device information to provide a comprehensive view of devices. Schneider Electric EcoStruxure IT Data Center Expert suffers from...

8.9CVSS6.4AI score0.00196EPSS
Exploits1References1
CNNVD
CNNVD
added 2025/07/11 12:0 a.m.7 views

Schneider Electric EcoStruxure IT Data Center Expert 代码注入漏洞

Schneider Electric EcoStruxure IT Data Center Expert is a scalable monitoring software from Schneider Electric France that collects, organizes, and distributes critical device information to provide a comprehensive view of devices. A code injection vulnerability exists in Schneider Electric...

7.2CVSS7.2AI score0.00313EPSS
Exploits2References1
CNNVD
CNNVD
added 2025/07/11 12:0 a.m.8 views

Schneider Electric EcoStruxure IT Data Center Expert 代码问题漏洞

Schneider Electric EcoStruxure IT Data Center Expert is a scalable monitoring software from Schneider Electric France that collects, organizes, and distributes critical device information to provide a comprehensive view of devices. A server-side request forgery vulnerability exists in Schneider...

6.3CVSS6.6AI score0.00463EPSS
Exploits2References1
Packet Storm
Packet Storm
added 2025/07/10 12:0 a.m.111 views

📄 Schneider Electric EcoStruxure IT Data Center Expert 8.3 Root Password Discovery

Schneider Electric EcoStruxure IT Data Center Expert versions 8.3 and below use logic contained within a JAR file and the MAC address to compute a "random" password for the root account. With access to the JAR file and knowledge of the MAC address, it is possible to determine the root password...

8.9CVSS7.5AI score0.00196EPSS
Exploits1
Packet Storm
Packet Storm
added 2025/07/10 12:0 a.m.203 views

📄 Schneider Electric EcoStruxure IT Data Center Expert 8.3 Privilege Escalation

Schneider Electric EcoStruxure IT Data Center Expert versions 8.3 and below contain a Charon executable that can be used by a low-privileged attacker to obtain root privileges. The Charon executable and configuration appears to be a local method for adding and removing services that run within th...

7.2CVSS7AI score0.00313EPSS
Exploits2
Packet Storm
Packet Storm
added 2025/07/10 12:0 a.m.150 views

📄 Schneider Electric EcoStruxure IT Data Center Expert 8.3 Remote Command Execution

Schneider Electric EcoStruxure IT Data Center Expert versions 8.3 and below have a configuration modification issue where sufficient input sanitization is not performed on the value provided for the hostname of the appliance. The hostname variable can include a command terminator and subsequent...

7.2CVSS7.5AI score0.00313EPSS
Exploits2
KoreLogic Security
KoreLogic Security
added 2025/07/09 12:0 a.m.8 views

Schneider Electric EcoStruxure IT Data Center Expert Unauthenticated Remote Code Execution

Vulnerability Details Affected Vendor: Schneider Electric Affected Product: EcoStruxure IT Data Center Expert Affected Version: 8.3 and prior Platform: CentOS CWE Classification: CWE-23: Relative Path Traversal, CWE-78: Improper Neutralization of Special Elements used in an OS Command 'OS...

9.5CVSS7.8AI score0.15311EPSS
Exploits1Affected Software1
KoreLogic Security
KoreLogic Security
added 2025/07/09 12:0 a.m.7 views

Schneider Electric EcoStruxure IT Data Center Expert Root Password Discovery

Vulnerability Details Affected Vendor: Schneider Electric Affected Product: EcoStruxure IT Data Center Expert Affected Version: 8.3 and prior Platform: CentOS CWE Classification: CWE-6311: Insufficient Entropy CVE ID: CVE-2025-50122 2. Vulnerability Description The Data Center Expert "DCE"...

8.9CVSS7.3AI score0.00196EPSS
Exploits1Affected Software1
KoreLogic Security
KoreLogic Security
added 2025/07/09 12:0 a.m.9 views

Schneider Electric EcoStruxure IT Data Center Expert Remote Command Execution

Vulnerability Details Affected Vendor: Schneider Electric Affected Product: EcoStruxure IT Data Center Expert Affected Version: 8.3 and prior Platform: CentOS CWE Classification: CWE-1286: Improper Validation of Syntactic Correctness of Input, CWE-94: Improper Control of Generation of Code 'Code...

7.2CVSS7AI score0.00313EPSS
Exploits2Affected Software1
KoreLogic Security
KoreLogic Security
added 2025/07/09 12:0 a.m.7 views

Schneider Electric EcoStruxure IT Data Center Expert Unauthenticated Server-Side Request Forgery

Vulnerability Details Affected Vendor: Schneider Electric Affected Product: EcoStruxure IT Data Center Expert Affected Version: 8.3 and prior Platform: CentOS CWE Classification: CWE-918: Server-Side Request Forgery SSRF CVE ID: CVE-2025-50125 2. Vulnerability Description The Data Center Expert...

6.3CVSS7.8AI score0.00463EPSS
Exploits2Affected Software1
KoreLogic Security
KoreLogic Security
added 2025/07/09 12:0 a.m.14 views

Schneider Electric EcoStruxure IT Data Center Expert XML External Entities Injection

Vulnerability Details Affected Vendor: Schneider Electric Affected Product: EcoStruxure IT Data Center Expert Affected Version: 8.3 and prior Platform: CentOS CWE Classification: CWE-611: Improper Restriction of XML External Entity Reference CVE ID: CVE-2025-6438 2. Vulnerability Description The...

5.9CVSS7.1AI score0.00391EPSS
Exploits1Affected Software1
KoreLogic Security
KoreLogic Security
added 2025/07/09 12:0 a.m.9 views

Schneider Electric EcoStruxure IT Data Center Expert Privilege Escalation

Vulnerability Details Affected Vendor: Schneider Electric Affected Product: EcoStruxure IT Data Center Expert Affected Version: 8.3 and prior Platform: CentOS CWE Classification: CWE-266: Incorrect Privilege Assignment CVE ID: CVE-2025-50124 2. Vulnerability Description The Data Center Expert...

7.2CVSS7.4AI score0.00313EPSS
Exploits2Affected Software1
CNNVD
CNNVD
added 2024/11/13 12:0 a.m.3 views

Schneider Electric EcoStruxure IT Gateway 安全漏洞

Schneider Electric EcoStruxure IT Gateway is a suite of cloud-based data center management-as-a-service DMaaS offerings from Schneider Electric, a French company. A security vulnerability exists in Schneider Electric EcoStruxure IT Gateway that stems from a lack of authorization vulnerability tha...

10CVSS6.4AI score0.00624EPSS
Exploits0References2
Zero Day Initiative
Zero Day Initiative
added 2024/02/21 12:0 a.m.30 views

Schneider Electric EcoStruxure IT Gateway Hard-Coded Credentials Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Schneider Electric EcoStruxure IT Gateway. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists...

7.8CVSS7.5AI score0.00238EPSS
Exploits0References1
Rows per page
Query Builder