Description
CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists that could cause remote code execution when an authenticated attacker with admin privileges uploads a malicious file over HTTP which then gets executed.
Problem types
CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Product status
Version 2022
Version 2023
Version 2024
Version 2024 R2
Version 2022 w/ Advanced Reporting Module
Version 2024 w/ Advanced Reporting Module
References
download.schneider-electric.com/...Name=SEVD-2025-224-02.pdf