Arbitrary Code Execution Vulnerability in EcoStruxure Power Monitoring Expert 9.0 and Prior Versions
CVE-2021-22827 · HIGH Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
A CWE-20: Improper Input Validation vulnerability exists that could cause arbitrary code execution when the user visits a page containing the injected payload. This CVE is unique from CVE-2021-22826. Affected Product: EcoStruxure� Power Monitoring Expert 9.0 and prior versions
Learn more about our User Device Pen Test.