A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists in C-Bus Toolkit (V1.15.7 and prior) that could allow a remote code execution when restoring project files.
References
Link | Resource |
---|---|
https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-103-01 | Vendor Advisory |
https://www.zerodayinitiative.com/advisories/ZDI-21-448/ | Third Party Advisory VDB Entry |
Configurations
Information
Published : 2021-04-13 12:15
Updated : 2021-06-02 08:02
NVD link : CVE-2021-22718
Mitre link : CVE-2021-22718
JSON object : View
CWE
CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Products Affected
schneider-electric
- c-bus_toolkit