CVE-2026-7696 | Acrel Electrical EEMS Enterprise Power Operation and Maintenance Cloud Platform uploadH5Files unrestricted upload

A vulnerability classified as critical was found in Acrel Electrical EEMS Enterprise Power Operation and Maintenance Cloud Platform 1.3.0. This impacts an unknown function of the file /SubstationWEBV2/main/uploadH5Files. The manipulation of the argument File results in unrestricted upload.

This vulnerability is cataloged as CVE-2026-7696. The attack may be launched remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2026-7696 | Acrel Electrical EEMS Enterprise Power Operation and Maintenance Cloud Platform uploadH5Files unrestricted upload

Post correlati

CVE-2024-28044 | OpenHarmony up to 4.1.0 integer overflow

CVE-2025-11994 | Easy Email Subscription Plugin up to 1.3 on WordPress Name cross site scripting

CVE-2024-35735 | CodePeople WP Time Slots Booking Form Plugin up to 1.2.11 on WordPress authorization

CVE-2025-4515 | Zylon PrivateGPT up to 0.6.2 settings.yaml allow_origins cross-domain policy