CVEDB API

Vulnerabilities

Vulnerable Software

Schneider-Electric: >> C-Bus Toolkit >> 1.15.7 Security Vulnerabilities

CVE-2023-5402

A CWE-269: Improper Privilege Management vulnerability exists that could cause a remote code execution when the transfer command is used over the network.

CVSS Score

9.8

EPSS Score

0.003

Published

2023-10-04

CVE-2021-22748

A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists that could allow a remote code execution when a file is saved. Affected Product: C-Bus Toolkit (V1.15.9 and prior), C-Gate Server (V2.11.7 and prior)

CVSS Score

8.8

EPSS Score

0.035

Published

2022-02-11

CVE-2021-22784

A CWE-306: Missing Authentication for Critical Function vulnerability exists in C-Bus Toolkit v1.15.8 and prior that could allow an attacker to use a crafted webpage to obtain remote access to the system.

CVSS Score

5.7

EPSS Score

0.014

Published

2021-07-21

CVE-2021-22716

A CWE-732: Incorrect Permission Assignment for Critical Resource vulnerability exists that could allow remote code execution when an unprivileged user modifies a file. Affected Product: C-Bus Toolkit (V1.15.9 and prior)

CVSS Score

7.8

EPSS Score

0.011

Published

2021-04-13

CVE-2021-22717

A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists in C-Bus Toolkit (V1.15.7 and prior) that could allow a remote code execution when processing config files.

CVSS Score

8.8

EPSS Score

0.201

Published

2021-04-13

CVE-2021-22718

CVSS Score

7.8

EPSS Score

0.108

Published

2021-04-13

CVE-2021-22719

CVSS Score

8.8

EPSS Score

0.145

Published

2021-04-13

CVE-2021-22720

CVSS Score

7.2

EPSS Score

0.135

Published

2021-04-13

Page 1

Vulnerabilities

Vulnerable Software

Schneider-Electric: >> C-Bus Toolkit >> 1.15.7 Security Vulnerabilities

Products

Pricing

Contact Us