CVE-2017-7974

Summary

A path traversal information disclosure vulnerability exists in Schneider Electric's U.motion Builder software versions 1.2.1 and prior in which an unauthenticated user can execute arbitrary code and exfiltrate files.

Affected Software

VendorProductVersion RangeStatus
Schneider Electric SEU.MotionU.motion Builder Versions 1.2.1 and prior.affected

Weaknesses

  • Path Traversal

ADP Enrichment

CVE Program Container

Additional References

References