U Motion Builder
CVE-2017-7974
CRITICAL
Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
1DescriptionCVE.org
A path traversal information disclosure vulnerability exists in Schneider Electric's U.motion Builder software versions 1.2.1 and prior in which an unauthenticated user can execute arbitrary code and exfiltrate files.
AnalysisAI
A path traversal information disclosure vulnerability exists in Schneider Electric's U.motion Builder software versions 1.2.1 and prior in which an unauthenticated user can execute arbitrary code and. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified as Path Traversal (CWE-22), which allows attackers to access files and directories outside the intended path. A path traversal information disclosure vulnerability exists in Schneider Electric's U.motion Builder software versions 1.2.1 and prior in which an unauthenticated user can execute arbitrary code and exfiltrate files. Affected products include: Schneider-Electric U.Motion Builder.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Validate and canonicalize file paths. Use chroot or sandboxing. Reject input containing path separators or '../' sequences.
More in U Motion Builder
View allThe vulnerability exists within processing of track_import_export.php in Schneider Electric U.motion Builder software ve
A vulnerability exists in Schneider Electric's U.motion Builder software versions 1.2.1 and prior in which the web servi
A SQL injection vulnerability exists in Schneider Electric's U.motion Builder software versions 1.2.1 and prior in which
In Schneider Electric U.motion Builder software versions prior to v1.3.4, a remote command injection allows authenticati
The vulnerability is due to insufficient handling of update_file request parameter on update_module.php in Schneider Ele
The vulnerability exists within processing of localize.php in Schneider Electric U.motion Builder software versions prio
The vulnerability exists within processing of nfcserver.php in Schneider Electric U.motion Builder software versions pri
The vulnerability exists within processing of applets which are exposed on the web service in Schneider Electric U.motio
The vulnerability exists within processing of xmlserver.php in Schneider Electric U.motion Builder software versions pri
The vulnerability exists within processing of loadtemplate.php in Schneider Electric U.motion Builder software versions
The vulnerability exists within processing of editobject.php in Schneider Electric U.motion Builder software versions pr
The vulnerability exists within processing of track_getdata.php in Schneider Electric U.motion Builder software versions
Same weakness CWE-22 – Path Traversal
View allSame technique Path Traversal
View allShare
External POC / Exploit Code
Leaving vuln.today