CVE-2025-54927 | Schneider EcoStruxure Power Monitoring Expert HttpPostedFile path traversal

Inserito da Angelo Barbosa | Ago 12, 2025 | CVE

A vulnerability, which was classified as critical, was found in Schneider EcoStruxure Power Monitoring Expert. Affected is the function HttpPostedFile. The manipulation leads to path traversal.

This vulnerability is traded as CVE-2025-54927. It is possible to launch the attack remotely. There is no exploit available.

CVE-2025-54927 | Schneider EcoStruxure Power Monitoring Expert HttpPostedFile path traversal

Post correlati

CVE-2024-1473 | Colorlib Coming Soon & Maintenance Mode Plugin up to 1.0.99 on WordPress information disclosure

CVE-2024-22356 | IBM App Connect Enterprise/Integration Bus up to 11.0.0.23/12.0.9.0 on z/OS neutralization for logs (XFDB-280893)

CVE-2024-8444 | Download Manager Plugin up to 3.2.x on WordPress Shortcode cross site scripting

CVE-2025-21825 | Linux Kernel up to 6.12.12/6.13.1 bpf alloc_htab_elem return value