Data Center Expert Versions 7.5.0 And Earlier
Approved changes feed: RSS · Atom
cpe:2.3:a:schneider_electric_se:data_center_expert_versions_7.5.0_and_earlier:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Schneider Electric Se (25d1a66d-bfb8-5d1c-9a6c-4a2405fe5386) |
|---|---|
| Product | Data Center Expert Versions 7.5.0 And Earlier (86ebb049-35ba-5b99-a09a-38be755fe0f8) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2018-7807 |
vulnerable | 2026-06-03 14:39:07.476222 |
Details available
Data Center Expert, versions 7.5.0 and earlier, allows for the upload of a zip file from its user interface to the server. A carefully crafted, malicious file could be mistakenly uploaded by an authenticated user via this feature which could contain path traversal file names. As such, it could allow for the arbitrary upload of files contained with the zip onto the server file system outside of the intended directory. This is leveraging the more commonly known ZipSlip vulnerability within Java code.
Published: 2018-11-30T19:00:00.000Z
Updated: 2024-08-05T06:37:59.166Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.