2018-02-12 23:00:00
schneider
PUBLISHED
A remote code execution vulnerability exists in Schneider Electrics StruxureOn Gateway versions 1.1.3 and prior. Uploading a zip which contains carefully crafted metadata allows for the file to be uploaded to any directory on the host machine information which could lead to remote code execution.