CNVD-2017-09463 — Vulnetix

CNVD-2017-09463 PUBLISHED

U.motion Builder是法国施耐德电气（Schneider Electric）公司的一款生成器产品。 Schneider Electric U.motion Builder loadtemplate存在远程代码执行漏洞。底层SQLite数据库查询需要在tpl输入参数上进行SQL注入。远程攻击者可以利用此漏洞对数据库执行任意命令。

Affected Products

Vendor	Product	Versions
	Schneider Electric U.motion Builder

Timeline

Jun 14, 2017 CVE ID Reserved
Jun 14, 2017 CVE Published

References

http://www.zerodayinitiative.com/advisories/ZDI-17-374/ url

Open in Interactive Console →