Schneider Electric C-Bus Automation Controller (5500SHAC) 1.10 Remote Root

Discussion in 'News Aggregator' started by Packet Storm, 31 May 2022.

  1. Packet Storm

    Packet Storm Guest

    Schneider Electric C-Bus Automation Controller (5500SHAC) version 1.10 suffers from an authenticated arbitrary command execution vulnerability. An attacker can abuse the Start-up (init) script editor and exploit the script POST parameter to insert malicious Lua script code and execute commands with root privileges that will grant full control of the device.

    Continue reading...
     

Share This Page

Loading...