CVE-2026-9550 | Acrel Electrical EEMS Enterprise Power Operation and Maintenance Cloud Platform upfile path traversal

Inserito da Angelo Barbosa | Mag 26, 2026 | CVE

A vulnerability described as critical has been identified in Acrel Electrical EEMS Enterprise Power Operation and Maintenance Cloud Platform 1.3.0. Affected by this issue is some unknown functionality of the file /SubstationWEBV2/app/..;/main/upfile. Executing a manipulation of the argument path can lead to path traversal.

This vulnerability appears as CVE-2026-9550. The attack may be performed from remote. In addition, an exploit is available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2026-9550 | Acrel Electrical EEMS Enterprise Power Operation and Maintenance Cloud Platform upfile path traversal

Post correlati

CVE-2023-5970 | SonicWall SMA100/SMA 200/SMA 210/SMA 400/SMA 410/SMA 500v 10.2.1.9-57sv MFA improper authentication (SNWLID-2023-0018)

CVE-2024-5394 | itsourcecode Online Student Enrollment System 1.0 newDept.php deptname sql injection

CVE-2024-54158 | JetBrains YouTrack up to 2024.3.51866 Punycode Encoding alternate encoding

CVE-2024-3732 | GeoDirectory Plugin up to 2.3.48 on WordPress Shortcode gd_single_tabs cross site scripting