Vulnerabilities > Schneider Electric > Ecostruxure Power Build Rapsody
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-01-26 | CVE-2021-22698 | Unrestricted Upload of File with Dangerous Type vulnerability in Schneider-Electric Ecostruxure Power Build - Rapsody 2.1.13 A CWE-434: Unrestricted Upload of File with Dangerous Type vulnerability exists in the EcoStruxure Power Build - Rapsody software (V2.1.13 and prior) that could allow a stack-based buffer overflow to occur which could result in remote code execution when a malicious SSD file is uploaded and improperly parsed. | 6.8 |
| 2021-01-26 | CVE-2021-22697 | Unrestricted Upload of File with Dangerous Type vulnerability in Schneider-Electric Ecostruxure Power Build - Rapsody 2.1.13 A CWE-434: Unrestricted Upload of File with Dangerous Type vulnerability exists in the EcoStruxure Power Build - Rapsody software (V2.1.13 and prior) that could allow a use-after-free condition which could result in remote code execution when a malicious SSD file is uploaded and improperly parsed. | 6.8 |