EUVD-2014-7057

Malware in sbrugna...

Catalog Traversal Vulnerability in the Electricity Cloud Platform of Ankorui Electric Co.

Anchorui Electric Co., Ltd Smart Electricity Cloud Platform is a set of electrical fire early warning and prevention management system developed for the frequent occurrence of electrical fires. A directory traversal vulnerability exists in the Ankrui Electric Company Limited Intelligent Electrici...

CVE-2014-7180

Electric Cloud ElectricCommander before 4.2.6 and 5.x before 5.0.3 uses world-writable permissions for 1 eccert.pl and 2 ecconfigure.pl, which allows local users to execute arbitrary Perl code by modifying these files...

Code injection

Electric Cloud ElectricCommander before 4.2.6 and 5.x before 5.0.3 uses world-writable permissions for 1 eccert.pl and 2 ecconfigure.pl, which allows local users to execute arbitrary Perl code by modifying these files...

CVE-2014-7180

Electric Cloud ElectricCommander vulnerable versions: 4.2.5 and earlier, and 5.x prior to 5.0.3. The issue is that eccert.pl and ecconfigure.pl have world-writable permissions, enabling local users to modify the files and execute arbitrary Perl code. Impact is local code execution. Remediation: u...