Path Traversal Information Disclosure Vulnerability in Schneider Electric U.motion Builder Software

Path Traversal Information Disclosure Vulnerability in Schneider Electric U.motion Builder Software

CVE-2017-7974 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

A path traversal information disclosure vulnerability exists in Schneider Electric's U.motion Builder software versions 1.2.1 and prior in which an unauthenticated user can execute arbitrary code and exfiltrate files.

Learn more about our User Device Pen Test.