CNNVD-202507-1640 Information
CNNVD ID
CNNVD-202507-1640
Related CVE
- CNNVD Published: 2025-07-11
Description (Chinese)
Schneider Electric EcoStruxure IT Data Center Expert是法国施耐德电气(Schneider Electric)公司的一款可扩展的监控软件,用于收集、组织和分发关键设备信息,提供设备的全面视图。 Schneider Electric EcoStruxure IT Data Center Expert存在代码注入漏洞,该漏洞源于代码生成控制不当,可能导致特权账户远程命令执行。
Description (English)
Schneider Electric EcoStruxure IT Data Center Expert is an extended surveillance software for Schneider Electric, France, which collects, organizes and distributes information on key equipment and provides a full view of the equipment. Schneider Electric EcoStruxure IT Data Center Expert has a code-injection loophole, which arises from inadequate code generation controls, which may lead to the remote command execution of the privileged account.
Hazard Level
Medium
Vulnerability Type
代码注入
Affected Vendor
SCHUHFRIED
Published
2025-07-11
Last Modified
2026-02-24
References
Patch
https://www.apc.com/us/en/product-range/61851-ecostruxure-it-data-center-expert/#products
Share on: