Severity by source
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from NVD · only source for this CVE.
Description (CVE.org)
A vulnerability was detected in Acrel Electrical EEMS Enterprise Power Operation and Maintenance Cloud Platform 3000WEBV2. Affected by this vulnerability is an unknown functionality of the file /SubstationWEBV2/app/..;/calc/getCalcmeterDetailDayListTree. Performing a manipulation of the argument sort results in SQL injection. The attack can be initiated remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Analysis (AI)
SQL injection in Acrel Electrical EEMS Enterprise Power Operation and Maintenance Cloud Platform 3000WEBV2 enables remote unauthenticated attackers to manipulate the sort parameter at the /SubstationWEBV2/app/..;/calc/getCalcmeterDetailDayListTree endpoint, achieving partial read, write, and availability impact against the backend database. The ..; path segment is a known Java servlet filter-bypass technique, suggesting the endpoint may circumvent URL-based access controls before reaching the vulnerable query handler. …
Vulnerability Assessment (AI)

| Aspect | Assessment |
| --- | --- |
| Exploitation | The target must be running Acrel EEMS Enterprise Power Operation and Maintenance Cloud Platform version 3000WEBV2 and be reachable over the network. … |
| Risk Assessment | The CVSS 4.0 base score of 5.5 (Medium) is shaped by a fully unauthenticated network vector (AV:N/AC:L/AT:N/PR:N/UI:N) paired with only partial impact across confidentiality, integrity, and availability (VC:L/VI:L/VA:L) with no scope change to subsequent systems (SC:N/SI:N/SA:N). … |
| Exploit Scenario | An attacker identifies an internet-exposed Acrel EEMS 3000WEBV2 instance and sends a crafted HTTP GET or POST request to `/SubstationWEBV2/app/..;/calc/getCalcmeterDetailDayListTree` with a malicious `sort` parameter value containing SQL injection syntax, for example a UNION SELECT or boolean-based blind payload. The `..;` path segment bypasses URL-pattern security filters on the application server, reaching the vulnerable handler without triggering access control checks. … |
| Remediation | No vendor-released patch identified at time of analysis: the vendor did not respond to responsible disclosure, and no fixed version has been published. … |
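
With no fixed version published, one compensating check is to flag the `..;` path segment and out-of-pattern `sort` values in web access logs, as described in the analysis and exploit scenario above. This is an added example, not code from the vendor or from this page; the combined-log request format, the `sort` allowlist pattern, and the sample lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, unquote, parse_qs

# Assumption: a legitimate sort value is a column name plus optional direction.
SAFE_SORT = re.compile(r"[A-Za-z_][A-Za-z0-9_.]*(\s+(asc|desc))?", re.IGNORECASE)
# Assumption: request line appears quoted, as in the common/combined log format.
REQUEST = re.compile(r'"(?:GET|POST|PUT|DELETE|HEAD|OPTIONS) (\S+) HTTP/[\d.]+"')

def inspect_target(target):
    """Return the list of findings for one request target (path?query)."""
    findings = []
    parts = urlsplit(target)
    # Decode twice so %2e%2e%3b and double-encoded forms are normalised too.
    path = unquote(unquote(parts.path))
    for segment in path.split("/"):
        name, sep, _params = segment.partition(";")
        # A ";param" suffix on "." or ".." is the filter-bypass shape;
        # ordinary path parameters such as ";jsessionid=..." are not flagged.
        if sep and name in ("..", "."):
            findings.append("dot-segment with path parameter: " + segment)
    for value in parse_qs(parts.query, keep_blank_values=True).get("sort", []):
        if not SAFE_SORT.fullmatch(value.strip()):
            findings.append("sort value outside allowlist pattern")
    return findings

def scan_log(lines):
    """Return (line_number, findings) for every access-log line that matches."""
    hits = []
    for number, line in enumerate(lines, start=1):
        match = REQUEST.search(line)
        if match:
            findings = inspect_target(match.group(1))
            if findings:
                hits.append((number, findings))
    return hits

# Constructed sample lines (addresses from the documentation range 192.0.2.0/24).
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Jan/2026:10:00:00 +0000] "GET /index.html HTTP/1.1" 200 512',
    '192.0.2.44 - - [01/Jan/2026:10:00:05 +0000] "GET /SubstationWEBV2/app/..;/calc/getCalcmeterDetailDayListTree?sort=id%20desc HTTP/1.1" 200 90',
    '192.0.2.44 - - [01/Jan/2026:10:00:09 +0000] "GET /SubstationWEBV2/app/%2e%2e%3b/calc/getCalcmeterDetailDayListTree?sort=id%27 HTTP/1.1" 500 0',
]

if __name__ == "__main__":
    for number, findings in scan_log(SAMPLE_LOG):
        print(number, findings)
```

The same two conditions can be turned into reverse-proxy or WAF deny rules in front of the application while no vendor fix exists.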
EUVD-2026-31782
GHSA-cvjv-qpq8-hjx4