CVE-2024-37037

Name of the Vulnerable Software and Affected Versions Schneider Electric Sage versions (affected versions not specified)

Description The issue is related to an improper limitation of a pathname to a restricted directory, also known as a 'Path Traversal' vulnerability. This could allow a remote attacker to impact the integrity of protected information and cause a denial of service using a specially crafted HTTP request. The vulnerability exists in the web interface and can be exploited by an authenticated user with access to the device's web interface, potentially corrupting files and impacting device functionality.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.