Schneider-electric

C-bus Toolkit

8 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8

CVE-2023-5402

  • EPSS 0.28%
  • Published 04.10.2023 18:15:12
  • Last modified 21.11.2024 08:41:42

A CWE-269: Improper Privilege Management vulnerability exists that could cause a remote code execution when the transfer command is used over the network.

8.8

CVE-2021-22748

  • EPSS 3.8%
  • Published 11.02.2022 18:15:08
  • Last modified 21.11.2024 05:50:35

A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists that could allow a remote code execution when a file is saved. Affected Product: C-Bus Toolkit (V1.15.9 and prior), C-Gate Server (V2.11.7 a...

5.7

CVE-2021-22784

Exploit
  • EPSS 1.43%
  • Published 21.07.2021 15:15:15
  • Last modified 21.11.2024 05:50:39

A CWE-306: Missing Authentication for Critical Function vulnerability exists in C-Bus Toolkit v1.15.8 and prior that could allow an attacker to use a crafted webpage to obtain remote access to the system.

7.8

CVE-2021-22716

  • EPSS 0.19%
  • Published 13.04.2021 19:15:14
  • Last modified 21.11.2024 05:50:31

A CWE-732: Incorrect Permission Assignment for Critical Resource vulnerability exists that could allow remote code execution when an unprivileged user modifies a file. Affected Product: C-Bus Toolkit (V1.15.9 and prior)

8.8

CVE-2021-22717

  • EPSS 17.68%
  • Published 13.04.2021 19:15:14
  • Last modified 21.11.2024 05:50:31

A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists in C-Bus Toolkit (V1.15.7 and prior) that could allow a remote code execution when processing config files.

7.8

CVE-2021-22718

  • EPSS 3.76%
  • Published 13.04.2021 19:15:14
  • Last modified 21.11.2024 05:50:31

A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists in C-Bus Toolkit (V1.15.7 and prior) that could allow a remote code execution when restoring project files.

8.8

CVE-2021-22719

  • EPSS 15.63%
  • Published 13.04.2021 19:15:14
  • Last modified 21.11.2024 05:50:31

A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists in C-Bus Toolkit (V1.15.7 and prior) that could allow a remote code execution when a file is uploaded.

7.2

CVE-2021-22720

Exploit
  • EPSS 12%
  • Published 13.04.2021 19:15:14
  • Last modified 21.11.2024 05:50:31

A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists in C-Bus Toolkit (V1.15.7 and prior) that could allow a remote code execution when restoring a project.