CNNVD-202507-1637 Information

Jul 11, 2025 cve

CNNVD ID

CNNVD-202507-1637

CVE-2025-50121

CNNVD Published: 2025-07-11

Description (Chinese)

Schneider Electric EcoStruxure IT Data Center Expert是法国施耐德电气（Schneider Electric）公司的一款可扩展的监控软件，用于收集、组织和分发关键设备信息，提供设备的全面视图。 Schneider Electric EcoStruxure IT Data Center Expert存在操作系统命令注入漏洞，该漏洞源于对特殊元素中和不当，可能导致未经验证的远程代码执行。

Description (English)

Schneider Electric EcoStruxure IT Data Center Expert is an extended surveillance software for Schneider Electric, France, which collects, organizes and distributes information on key equipment and provides a full view of the equipment. Schneider Electric EcoStruxure IT Data Center Expert has an operational system command leak that originates in inappropriate ad hoc elements and may lead to unverified remote code execution.

Hazard Level

High

Vulnerability Type

操作系统命令注入

Affected Vendor

SCHUHFRIED

Published

2025-07-11

Last Modified

2026-02-24

References

https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2025-189-01&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2025-189-01.pdf

Patch

https://www.apc.com/us/en/product-range/61851-ecostruxure-it-data-center-expert/#products

Share on: