CVE-2023-25554

A CWE-78: Improper Neutralization of Special Elements used in an OS Command (‘OS
Command Injection’) vulnerability exists that allows a local privilege escalation on the appliance
when a maliciously crafted Operating System command is entered on the device.

Affected products: StruxureWare Data Center Expert (V7.9.2 and prior)

Source: CVE-2023-25554