cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2023-5399,https://securityvulnerability.io/vulnerability/CVE-2023-5399,Path Traversal Vulnerability in C-Bus by Schneider Electric,"A vulnerability exists in C-Bus by Schneider Electric that allows for improper limitation of a pathname, resulting in path traversal. This could potentially enable unauthorized access and manipulation of files on the personal computer running the C-Bus software, primarily during operations utilizing the File Command.",Schneider Electric,C-Bus Toolkit,9.8,CRITICAL,0.002099999925121665,false,,false,false,false,,,false,false,,2023-10-04T19:15:00.000Z,0
CVE-2023-5402,https://securityvulnerability.io/vulnerability/CVE-2023-5402,Improper Privilege Management Vulnerability in Schneider Electric's Networked Products,An improper privilege management vulnerability has been identified in certain networked products produced by Schneider Electric. This vulnerability could potentially allow an attacker to execute arbitrary code remotely when the transfer command is utilized over the network. Proper measures should be taken to safeguard affected products against exploitation.,Schneider Electric,C-Bus Toolkit,9.8,CRITICAL,0.0026499999221414328,false,,false,false,false,,,false,false,,2023-10-04T18:15:00.000Z,0
CVE-2021-22796,https://securityvulnerability.io/vulnerability/CVE-2021-22796,Improper Authentication Vulnerability in C-Bus Toolkit and C-Gate Server by Schneider Electric,"This vulnerability involves improper authentication mechanisms in the C-Bus Toolkit and C-Gate Server, potentially allowing an attacker to upload malicious files. If exploited, it may lead to unauthorized remote code execution, compromising the integrity and security of the affected systems. Users are encouraged to update their systems to the latest versions to mitigate this risk.",Schneider Electric,"C-bus Toolkit (v1.15.9 And Prior), C-gate Server (v2.11.7 And Prior)",7.8,HIGH,0.0031900000758469105,false,,false,false,false,,,false,false,,2022-02-11T17:40:30.000Z,0
CVE-2021-22748,https://securityvulnerability.io/vulnerability/CVE-2021-22748,Path Traversal Vulnerability in C-Bus Toolkit and C-Gate Server by Schneider Electric,"A vulnerability exists in the C-Bus Toolkit and C-Gate Server that allows an attacker to exploit improper restrictions on file paths. By leveraging this flaw, a remote attacker could potentially execute malicious code when a file is saved, leading to unauthorized access and control of the system.",Schneider Electric,"C-bus Toolkit (v1.15.9 And Prior), C-gate Server (v2.11.7 And Prior)",8.8,HIGH,0.006610000040382147,false,,false,false,false,,,false,false,,2022-02-11T17:40:29.000Z,0
CVE-2021-22784,https://securityvulnerability.io/vulnerability/CVE-2021-22784,Missing Authentication Vulnerability in C-Bus Toolkit by Schneider Electric,"A vulnerability exists in C-Bus Toolkit versions prior to 1.15.8, allowing attackers to exploit missing authentication controls. By crafting a malicious webpage, an attacker can potentially gain unauthorized remote access to the system, compromising its integrity and exposing sensitive data. This highlights the importance of robust authentication measures in critical applications to safeguard against unauthorized access.",Schneider Electric,C-bus Toolkit V1.15.8 And Prior,5.7,MEDIUM,0.006690000183880329,false,,false,false,false,,,false,false,,2021-07-21T10:40:29.000Z,0
CVE-2021-22716,https://securityvulnerability.io/vulnerability/CVE-2021-22716,Remote Code Execution Vulnerability in C-Bus Toolkit by Schneider Electric,"A vulnerability exists in the C-Bus Toolkit software that allows an unprivileged user to modify critical files, potentially leading to remote code execution. This issue arises from improper permission assignments, which can be exploited if not addressed. Users are urged to update to the latest version to mitigate any risks associated with this vulnerability.",Schneider Electric,C-bus Toolkit,7.8,HIGH,0.0011899999808520079,false,,false,false,false,,,false,false,,2021-04-13T19:15:00.000Z,0
CVE-2021-22720,https://securityvulnerability.io/vulnerability/CVE-2021-22720,Path Traversal Vulnerability in C-Bus Toolkit by Schneider Electric,"A path traversal vulnerability exists in C-Bus Toolkit, specifically in versions V1.15.7 and prior. This flaw may allow an attacker to exploit the software when restoring a project, potentially leading to remote code execution. By manipulating the file path during the restoration process, unauthorized access to restricted directories could be achieved, endangering the system's security and integrity.",Schneider Electric,C-bus Toolkit V1.15.7 And Prior,7.2,HIGH,0.6744099855422974,false,,false,false,false,,,false,false,,2021-04-13T18:32:29.000Z,0
CVE-2021-22719,https://securityvulnerability.io/vulnerability/CVE-2021-22719,Path Traversal Vulnerability in C-Bus Toolkit by Schneider Electric,"A vulnerability exists in the C-Bus Toolkit, where improper limitations on a pathname can lead to path traversal issues. This can allow an attacker to upload a file that may execute arbitrary code on the system. Such scenarios pose significant risks, as they potentially compromise the integrity and confidentiality of the affected systems. Users should upgrade to versions beyond V1.15.7 to safeguard against these risks.",Schneider Electric,C-bus Toolkit V1.15.7 And Prior,8.8,HIGH,0.030950000509619713,false,,false,false,false,,,false,false,,2021-04-13T18:32:12.000Z,0
CVE-2021-22718,https://securityvulnerability.io/vulnerability/CVE-2021-22718,Path Traversal Vulnerability in C-Bus Toolkit by Schneider Electric,"A path traversal vulnerability exists in the C-Bus Toolkit, enabling an attacker to manipulate project file paths, which may lead to remote code execution. This flaw, present in versions V1.15.7 and earlier, poses significant risks when restoring project files, as it could allow unauthorized access to restricted directories.",Schneider Electric,C-bus Toolkit V1.15.7 And Prior,7.8,HIGH,0.004519999958574772,false,,false,false,false,,,false,false,,2021-04-13T18:31:49.000Z,0
CVE-2021-22717,https://securityvulnerability.io/vulnerability/CVE-2021-22717,Path Traversal Vulnerability in C-Bus Toolkit by Schneider Electric,"A path traversal vulnerability is present in the C-Bus Toolkit, specifically in versions V1.15.7 and earlier. This security flaw allows an attacker to potentially execute arbitrary code remotely by manipulating the processing of configuration files. The improper limitation of a pathname to a restricted directory can be exploited, leading to unauthorized access and control over the affected system. Organizations using these versions of the C-Bus Toolkit should prioritize patching to mitigate the risk associated with this vulnerability.",Schneider Electric,C-bus Toolkit V1.15.7 And Prior,8.8,HIGH,0.030950000509619713,false,,false,false,false,,,false,false,,2021-04-13T18:31:31.000Z,0