← back
CVE-2018-7766

CVE-2018-7766

EPSS 1.0%
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS EPSS 1.0%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
03 Jul 2018Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
The vulnerability exists within processing of track_getdata.php in Schneider Electric U.motion Builder software versions prior to v1.3.4. The underlying SQLite database query is subject to SQL injection on the id input parameter.
Affected products
Schneider Electric SE · U.Motion

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://www.schneider-electric.com/en/download/document/SEVD-2018-095-01/