Improper Input Validation in PowerLogic EGX100 and EGX300
CVE-2021-22768
9.8CRITICAL
Key Information:
- Vendor
Schneider Electric
- Vendor
- CVE Published:
- 11 June 2021
What is CVE-2021-22768?
An improper input validation vulnerability has been identified in the PowerLogic EGX100 (starting from version 3.0.0) and all versions of the EGX300. This flaw can be exploited through a crafted HTTP packet, potentially leading to denial of service or remote code execution. Organizations using these products should implement necessary security measures to mitigate the risk associated with this vulnerability.
Affected Version(s)
PowerLogic EGX100 ( 3.0.0 and newer) and PowerLogic EGX300 (All ) PowerLogic EGX100 (Versions 3.0.0 and newer) and PowerLogic EGX300 (All Versions)