CVE-2026-7695 | Acrel Electrical EEMS Enterprise Power Operation and Maintenance Cloud Platform elecMaxMinAvgValue sql injection

A vulnerability classified as critical has been found in Acrel Electrical EEMS Enterprise Power Operation and Maintenance Cloud Platform 1.3.0. This affects an unknown function of the file /SubstationWEBV2/main/elecMaxMinAvgValue. The manipulation of the argument fCircuitids leads to sql injection.

This vulnerability is listed as CVE-2026-7695. The attack may be initiated remotely. In addition, an exploit is available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2026-7695 | Acrel Electrical EEMS Enterprise Power Operation and Maintenance Cloud Platform elecMaxMinAvgValue sql injection

Post correlati

CVE-2024-42218 | 1Password up to 8.10.36 on macOS information disclosure

CVE-2024-54227 | theDotstore Minimum and Maximum Quantity for WooCommerce Plugin authorization

CVE-2021-47157 | Kossy up to 0.59 on Perl JSON X-Requested-With Privilege Escalation

CVE-2024-51786 | BestWebSoft Realty Plugin up to 1.1.5 on WordPress cross site scripting