QwikSec

Security Database

CVE

CWE

Training

CVE-2020-7569

Published: Nov 19, 2020

Modified: Aug 4, 2024

PUBLISHED

Description

A CWE-434 Unrestricted Upload of File with Dangerous Type vulnerability exists in EcoStruxure Building Operation WebReports V1.9 - V3.1 that could cause an authenticated remote user being able to upload arbitrary files due to incorrect verification of user supplied files and achieve remote code execution.

Vendor	Product	Versions
n/a	EcoStruxure Building Operation WebReports V1.9 - V3.1	affected `EcoStruxure Building Operation WebReports V1.9 - V3.1`

Weaknesses (CWE)

References

https://www.se.com/ww/en/download/document/SEVD-2020-315-04/

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.