Vulnerability Description: Unrestricted Upload of File with Dangerous Type
Software Version: VAM: Schneider Electric StruxureWare Building Operation WebReports versions 1.0 – 3.1.
NIST: https://nvd.nist.gov/vuln/detail/CVE-2020-7569
CVSv3: 8.8
Severity: High
Credits: Alessandro Bosco, Luca Di Giuseppe, Alessandro Sabetta, Massimiliano Brolli
Unrestricted Upload of File with Dangerous Type vulnerability exists that could cause an authenticated remote user being able to upload arbitrary files due to incorrect verification of user supplied files and achieve remote code execution.