Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:a:schneider-electric:struxureon_gateway:1.1.3:*:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2017-9970 |
A remote code execution vulnerability exists in Schneider Electric's StruxureOn Gateway versions 1.1.3 and prior. Uploading a zip which contains carefully crafted metadata allows for the file to be uploaded to any directory on the host machine information which could lead to remote code execution. Published: February 12, 2018; 6:29:00 PM -0500 |
V4.0:(not available) V3.0: 7.2 HIGH V2.0: 9.0 HIGH |