CNNVD-202508-2254 Information
CNNVD ID
CNNVD-202508-2254
Related CVE
- CNNVD Published: 2025-08-20
Description (Chinese)
Schneider Electric EcoStruxure Power Monitoring Expert和Schneider Electric EcoStruxure Power Operation(Schneider Electric EPO)都是法国施耐德电气(Schneider Electric)公司的产品。Schneider Electric EcoStruxure Power Monitoring Expert是一个用于物联网环境中进行配电监控的设备。Schneider Electric EcoStruxure Power Operation是一个单一平台边缘控制。 Schneider Electric EcoStruxure Power Monitoring Expert和Schneider Electric EcoStruxure Power Operation存在安全漏洞,该漏洞源于路径名限制不当,可能导致远程代码执行。
Description (English)
Schneider EcoStruxure Power Monitoring Export and Schneider EcoStruxure Power Operations are products of Schneider Electric EPO, France. Schneider Electric EcoStruxure Power Monitoring Export is a device for electrical distribution monitoring in an object-networked environment. Schneider Electric EcoStruxure Power Operation is a single platform edge control. There is a security loophole in Schneider Electric EcoStruxure Power Monitoring Export and Schneider Electric EcoStruxure Power Operation, which stems from inappropriate path name limitations that may lead to remote code implementation.
Hazard Level
Medium
Vulnerability Type
路径遍历
Affected Vendor
施耐德电气。
Published
2025-08-20
Last Modified
2026-02-24
References
https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2025-224-02&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2025-224-02.pdf https://nvd.nist.gov/vuln/detail/CVE-2025-54926