Vulnerability CVE-2023-25555


Published: 2023-04-18

Description:















A CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS
Command Injection') vulnerability exists that could allow a user that knows the credentials to
execute unprivileged shell commands on the appliance over SSH.
















Affected products: StruxureWare Data Center Expert (V7.9.2 and prior)

Type:

CWE-78

(Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') )

 References:
https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-045-02&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2023-045-02.pdf

Copyright 2026, cxsecurity.com

 

Back to Top