cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2022-4062,https://securityvulnerability.io/vulnerability/CVE-2022-4062,Improper Authorization in EcoStruxure Power Commission by Schneider Electric,"An improper authorization vulnerability exists within the EcoStruxure Power Commission application, allowing attackers with access to the localhost interface to gain unauthorized entry to sensitive software functionalities. This issue affects all versions prior to V2.25, emphasizing the importance of timely updates to safeguard against potential exploits.",Schneider Electric,Ecostruxure Power Commission,7.8,HIGH,0.00046999999904073775,false,,false,false,false,,,false,false,,2023-02-01T00:00:00.000Z,0
CVE-2022-0223,https://securityvulnerability.io/vulnerability/CVE-2022-0223,Path Traversal Vulnerability in EcoStruxure Power Commission by Schneider Electric,"A vulnerability exists in the EcoStruxure Power Commission software due to improper limitations of pathname, allowing attackers to exploit this weakness. This may enable unauthorized users to create or overwrite essential files, leading to potential unauthenticated code execution. It is crucial for users of affected versions to update their software to mitigate the risk of exploitation.",Schneider Electric,Ecostruxure Power Commission,6.5,MEDIUM,0.003759999992325902,false,,false,false,false,,,false,false,,2023-01-30T00:00:00.000Z,0
CVE-2022-22731,https://securityvulnerability.io/vulnerability/CVE-2022-22731,Path Traversal Vulnerability in EcoStruxure Power Commission by Schneider Electric,"A vulnerability exists in EcoStruxure Power Commission, allowing attackers to exploit improper pathname limitations that could lead to path traversal attacks. This flaw may enable unauthorized creation or modification of critical files necessary for executing code, such as libraries and programs, thereby posing significant security risks.",Schneider Electric,Ecostruxure Power Commission,6.5,MEDIUM,0.003759999992325902,false,,false,false,false,,,false,false,,2023-01-30T00:00:00.000Z,0
CVE-2022-22732,https://securityvulnerability.io/vulnerability/CVE-2022-22732,Resource Exposure Vulnerability in EcoStruxure Power Commission by Schneider Electric,"A resource exposure vulnerability exists in EcoStruxure Power Commission that can allow remote domains to access resources on the server. This occurs when an attacker sends a fetch request from a malicious third-party site, allowing unauthorized access to sensitive data. It is essential for users of affected versions to upgrade to V2.22 or later to mitigate the risk associated with this vulnerability.",Schneider Electric,Ecostruxure Power Commission,3.9,LOW,0.0019600000232458115,false,,false,false,false,,,false,false,,2023-01-30T00:00:00.000Z,0