Arbitrary Code Execution Vulnerability in ABB CP400 Panel Builder's TextEditor 2.0

Arbitrary Code Execution Vulnerability in ABB CP400 Panel Builder's TextEditor 2.0

CVE-2018-19008 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

The TextEditor 2.0 in ABB CP400 Panel Builder versions 2.0.7.05 and earlier contain a vulnerability in the file parser of the Text Editor wherein the application doesn't properly prevent the insertion of specially crafted files which could allow arbitrary code execution.

Learn more about our Web Application Penetration Testing UK.