Security Technology: ZDI-17-389: (0Day) Schneider Electric U.motion Builder runscript Directory Traversal Information Disclosure Vulnerability

ZDI-17-389: (0Day) Schneider Electric U.motion Builder runscript Directory Traversal Information Disclosure Vulnerability

This vulnerability allows remote attackers to exfiltrate arbitrary files on vulnerable installations of Schneider Electric U.motion Builder. Authentication is not required to exploit this vulnerability.

from ZDI: Published Advisories http://ift.tt/2sfPKJB

Security Technology

ZDI-17-389: (0Day) Schneider Electric U.motion Builder runscript Directory Traversal Information Disclosure Vulnerability

No comments:

Post a Comment

Hackers Use LinkedIn Messages to Spread RAT Malware Through DLL Sideloading