Security Advisory

CVE-2017-9970

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2018-02-12 23:00:00

Last updated 2024-09-16 22:36:48

Assigner schneider

State PUBLISHED

Description

A remote code execution vulnerability exists in Schneider Electrics StruxureOn Gateway versions 1.1.3 and prior. Uploading a zip which contains carefully crafted metadata allows for the file to be uploaded to any directory on the host machine information which could lead to remote code execution.

← Browse all CVEs View on cve.org ↗