A CWE-20: Improper Input Validation vulnerability exists that could allow an authenticated malicious user to gain the same privilege as the application on the server when a malicious payload is provided over HTTP for the server to execute.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
schneider-electric insighthome_firmware |
||
schneider-electric insighthome_firmware 1.16 |
||
schneider-electric insightfacility_firmware |
||
schneider-electric insightfacility_firmware 1.16 |
||
schneider-electric conext_gateway_firmware |
||
schneider-electric conext_gateway_firmware 1.16 |