An Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in the Schweitzer Engineering Laboratories SEL-5030 acSELerator QuickSet Software could allow an attacker to embed instructions that could be executed by an authorized device operator. See Instruction Manual Appendix A and Appendix E dated 20230615 for more details. This issue affects SEL-5030 acSELerator QuickSet Software: through 7.1.3.0.
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:N/I:H/A:NSelinc Sel 5030 Acselerator Quickset
APPSelinc≤ 7.1.3.0
Related vulnerabilities
An Inclusion of Functionality from Untrusted Control Sphere vulnerability in the Schweitzer Engineering Labor...
An Improper Handling of Unicode Encoding vulnerability in the Schweitzer Engineering Laboratories SEL-5030 ac...
An Inclusion of Functionality from Untrusted Control Sphere vulnerability in the Schweitzer Engineering Labor...
An Incomplete Filtering of Special Elements vulnerability in the Schweitzer Engineering Laboratories SEL-5030...
An Improper Input Validation vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation C...