A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists in C-Bus Toolkit (V1.15.7 and prior) that could allow a remote code execution when processing config files.
References
Link | Resource |
---|---|
https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-103-01 | Vendor Advisory |
https://www.zerodayinitiative.com/advisories/ZDI-21-447/ | Third Party Advisory VDB Entry |
Configurations
History
No history.
Information
Published : 2021-04-13 19:15
Updated : 2024-02-28 18:28
NVD link : CVE-2021-22717
Mitre link : CVE-2021-22717
CVE.ORG link : CVE-2021-22717
JSON object : View
Products Affected
schneider-electric
- c-bus_toolkit
CWE
CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')