CVEs (24)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
1Schneider Electric 1U.motion Builder May 13, 2026 Sep 26, 2017 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 A vulnerability exists in Schneider Electric's U.motion Builder software versions 1.2.1 and prior in which the web service contains a hidden system account with a hardcoded password. An attacker can use this information...Show more |
1Schneider Electric 1U.motion Builder May 13, 2026 Sep 26, 2017 N/A· v4 7.3 HIGH· v3 7.5 HIGH· v2 An authentication bypass vulnerability exists in Schneider Electric's U.motion Builder software versions 1.2.1 and prior in which the system contains a hard-coded valid session. An attacker can use that session ID as par...Show more |
1Schneider Electric 1U.motion Builder May 13, 2026 Sep 26, 2017 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 A path traversal information disclosure vulnerability exists in Schneider Electric's U.motion Builder software versions 1.2.1 and prior in which an unauthenticated user can execute arbitrary code and exfiltrate files. |
1Schneider Electric 1U.motion Builder May 13, 2026 Sep 26, 2017 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 A SQL injection vulnerability exists in Schneider Electric's U.motion Builder software versions 1.2.1 and prior in which an unauthenticated user can use calls to various paths allowing performance of arbitrary SQL comman...Show more |