A CWE-434 Unrestricted Upload of File with Dangerous Type vulnerability exists in EcoStruxure Building Operation WebReports V1.9 - V3.1 that could cause an authenticated remote user being able to upload arbitrary files due to incorrect verification of user supplied files and achieve remote code execution.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://www.se.com/ww/en/download/document/SEVD-2020-315-04/ |
History
No history.
MITRE
Status: PUBLISHED
Assigner: schneider
Published: 2020-11-19T21:02:16
Updated: 2024-08-04T09:33:19.872Z
Reserved: 2020-01-21T00:00:00
Link: CVE-2020-7569
Vulnrichment
No data.
NVD
Status : Modified
Published: 2020-11-19T22:15:15.240
Modified: 2024-11-21T05:37:23.730
Link: CVE-2020-7569
Redhat
No data.