Vulnerabilities > Schneider Electric > Andover Continuum 5740 Firmware > High

DATE	CVE	VULNERABILITY TITLE	RISK
2020-03-23	CVE-2020-7480	Code Injection vulnerability in Schneider-Electric products A CWE-94: Improper Control of Generation of Code ('Code Injection') vulnerability exists in Andover Continuum (All versions), which could cause files on the application server filesystem to be viewable when an attacker interferes with an application's processing of XML data. network low complexity schneider-electric CWE-94	7.5

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.