← Back

C Bus Toolkit

c-bus_toolkit

Vendor: Schneider Electric • 8 CVEs

CVEs (8)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2023-5402
1Schneider Electric
1C Bus Toolkit
Nov 21, 2024
Oct 4, 2023
N/A· v4
9.8 CRITICAL· v3
N/A· v2
A CWE-269: Improper Privilege Management vulnerability exists that could cause a remote code execution when the transfer command is used over the network.
CVE-2021-22748
1Schneider Electric
1C Bus Toolkit
Nov 21, 2024
Feb 11, 2022
N/A· v4
8.8 HIGH· v3
6.5 MEDIUM· v2
A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists that could allow a remote code execution when a file is saved. Affected Product: C-Bus Toolkit (V1.15.9 and pr...Show more
A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists that could allow a remote code execution when a file is saved. Affected Product: C-Bus Toolkit (V1.15.9 and prior), C-Gate Server (V2.11.7 and prior)Show less
CVE-2021-22784
1Schneider Electric
1C Bus Toolkit
Nov 21, 2024
Jul 21, 2021
N/A· v4
5.7 MEDIUM· v3
3.5 LOW· v2
A CWE-306: Missing Authentication for Critical Function vulnerability exists in C-Bus Toolkit v1.15.8 and prior that could allow an attacker to use a crafted webpage to obtain remote access to the system.
CVE-2021-22720
1Schneider Electric
1C Bus Toolkit
Nov 21, 2024
Apr 13, 2021
N/A· v4
7.2 HIGH· v3
6.5 MEDIUM· v2
A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists in C-Bus Toolkit (V1.15.7 and prior) that could allow a remote code execution when restoring a project.
CVE-2021-22719
1Schneider Electric
1C Bus Toolkit
Nov 21, 2024
Apr 13, 2021
N/A· v4
8.8 HIGH· v3
6.5 MEDIUM· v2
A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists in C-Bus Toolkit (V1.15.7 and prior) that could allow a remote code execution when a file is uploaded.
CVE-2021-22718
1Schneider Electric
1C Bus Toolkit
Nov 21, 2024
Apr 13, 2021
N/A· v4
7.8 HIGH· v3
6.8 MEDIUM· v2
A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists in C-Bus Toolkit (V1.15.7 and prior) that could allow a remote code execution when restoring project files.
CVE-2021-22717
1Schneider Electric
1C Bus Toolkit
Nov 21, 2024
Apr 13, 2021
N/A· v4
8.8 HIGH· v3
6.5 MEDIUM· v2
A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists in C-Bus Toolkit (V1.15.7 and prior) that could allow a remote code execution when processing config files.
CVE-2021-22716
1Schneider Electric
1C Bus Toolkit
Nov 21, 2024
Apr 13, 2021
N/A· v4
7.8 HIGH· v3
4.6 MEDIUM· v2
A CWE-732: Incorrect Permission Assignment for Critical Resource vulnerability exists that could allow remote code execution when an unprivileged user modifies a file. Affected Product: C-Bus Toolkit (V1.15.9 and prior)