CVE-2025-54927 | Schneider EcoStruxure Power Monitoring Expert HttpPostedFile path traversal

Inserito da Angelo Barbosa | Ago 12, 2025 | CVE

A vulnerability, which was classified as critical, was found in Schneider EcoStruxure Power Monitoring Expert. Affected is the function HttpPostedFile. The manipulation leads to path traversal.

This vulnerability is traded as CVE-2025-54927. It is possible to launch the attack remotely. There is no exploit available.

CVE-2025-54927 | Schneider EcoStruxure Power Monitoring Expert HttpPostedFile path traversal

Post correlati

CVE-2024-23057 | Totolink A3300R 17.0.0cu.557_B20221024 setNtpCfg tz command injection

CVE-2020-11843 | OpenText NetIQ Access Manager up to 4.5 information disclosure

CVE-2023-4912 | GitLab Enterprise Edition prior 16.4.3/16.5.3/16.6.1 Mermaid Diagram resource consumption

CVE-2024-51495 | LibreNMS up to 24.9.x Device Overview Page overwrite_ip cross site scripting