CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists that could cause remote code execution when an authenticated attacker with admin privileges uploads a malicious file over HTTP which then gets executed.
Metrics
Affected Vendors & Products
References
History
Mon, 25 Aug 2025 22:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Schneider-electric
Schneider-electric ecostruxure Power Monitoring Expert Schneider-electric ecostruxure Power Operation With Advanced Reports |
|
Vendors & Products |
Schneider-electric
Schneider-electric ecostruxure Power Monitoring Expert Schneider-electric ecostruxure Power Operation With Advanced Reports |
Wed, 20 Aug 2025 18:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Wed, 20 Aug 2025 14:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists that could cause remote code execution when an authenticated attacker with admin privileges uploads a malicious file over HTTP which then gets executed. | |
Weaknesses | CWE-22 | |
References |
| |
Metrics |
cvssV3_1
|

Status: PUBLISHED
Assigner: schneider
Published:
Updated: 2025-08-20T17:21:50.700Z
Reserved: 2025-08-01T04:38:47.036Z
Link: CVE-2025-54926

Updated: 2025-08-20T17:21:46.643Z

Status : Awaiting Analysis
Published: 2025-08-20T14:15:46.797
Modified: 2025-08-20T14:39:07.860
Link: CVE-2025-54926

No data.

Updated: 2025-08-25T22:27:34Z