A CWE-94: Improper Control of Generation of Code ('Code Injection') vulnerability exists that
allows for remote code execution when using a parameter of the DCE network settings
endpoint.
Affected products: StruxureWare Data Center Expert (V7.9.2 and prior)
References
Configurations
History
No history.
Information
Published : 2023-04-18 21:15
Updated : 2024-02-28 20:13
NVD link : CVE-2023-25549
Mitre link : CVE-2023-25549
CVE.ORG link : CVE-2023-25549
JSON object : View
Products Affected
schneider-electric
- struxureware_data_center_expert
CWE
CWE-94
Improper Control of Generation of Code ('Code Injection')