CVE-2021-22795
published 2022-04-13CVE-2021-22795: A CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability exists that could cause remote code execution…
critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
A CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability exists that could cause remote code execution when performed over the network. Affected Product: StruxureWare Data Center Expert (V7.8.1 and prior)
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| schneider-electric | struxureware_data_center_expert | <= 7.8.1 | — |
| schneider_electric | struxureware_data_center_expert | >= unspecified < V7.8.1 | V7.8.1 |