Schneider-Electric: >> C-Bus Toolkit >> 1.15.9 Security Vulnerabilities
A CWE-269: Improper Privilege Management vulnerability exists that could cause a remote
code execution when the transfer command is used over the network.
CVSS Score
9.8
EPSS Score
0.003
Published
2023-10-04
A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists that could allow a remote code execution when a file is saved. Affected Product: C-Bus Toolkit (V1.15.9 and prior), C-Gate Server (V2.11.7 and prior)
CVSS Score
8.8
EPSS Score
0.035
Published
2022-02-11