A CWE-94: Improper Control of Generation of Code ('Code Injection') vulnerability exists in Andover Continuum (All versions), which could cause files on the application server filesystem to be viewable when an attacker interferes with an application's processing of XML data.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
schneider-electric andover_continuum_9680_firmware |
||
schneider-electric andover_continuum_5740_firmware |
||
schneider-electric andover_continuum_5720_firmware |
||
schneider-electric andover_continuum_bcx4040_firmware |
||
schneider-electric andover_continuum_bcx9640_firmware |
||
schneider-electric andover_continuum_9900_firmware |
||
schneider-electric andover_continuum_9940_firmware |
||
schneider-electric andover_continuum_9941_firmware |
||
schneider-electric andover_continuum_9924_firmware |
||
schneider-electric andover_continuum_9702_firmware |
||
schneider-electric andover_continuum_9200_firmware |
Vulmon