First published: Mon Feb 12 2018(Updated: )
A remote code execution vulnerability exists in Schneider Electric's StruxureOn Gateway versions 1.1.3 and prior. Uploading a zip which contains carefully crafted metadata allows for the file to be uploaded to any directory on the host machine information which could lead to remote code execution.
Credit: cybersecurity@se.com
Affected Software | Affected Version | How to fix |
---|---|---|
Schneider-electric Struxureon Gateway | <=1.1.3 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.