Vulnerability Details CVE-2021-22748
A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists that could allow a remote code execution when a file is saved. Affected Product: C-Bus Toolkit (V1.15.9 and prior), C-Gate Server (V2.11.7 and prior)
Exploit prediction scoring system (EPSS) score
EPSS Score 0.035
EPSS Ranking 87.2%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 6.5
Products affected by CVE-2021-22748
-
cpe:2.3:a:schneider-electric:c-bus_toolkit:-
-
cpe:2.3:a:schneider-electric:c-bus_toolkit:1.15.7
-
cpe:2.3:a:schneider-electric:c-bus_toolkit:1.15.8
-
cpe:2.3:a:schneider-electric:c-bus_toolkit:1.15.9