← back
CVE-2018-7768

CVE-2018-7768

EPSS 1.0%
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS EPSS 1.0%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
03 Jul 2018Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
The vulnerability exists within processing of loadtemplate.php in Schneider Electric U.motion Builder software versions prior to v1.3.4. The underlying SQLite database query is subject to SQL injection on the tpl input parameter.
Affected products
Schneider Electric SE · U.Motion

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://www.schneider-electric.com/en/download/document/SEVD-2018-095-01/