CVE-2021-22794

9.1 CRITICAL

📋 TL;DR

This path traversal vulnerability in StruxureWare Data Center Expert allows attackers to access files outside the intended directory, potentially leading to remote code execution. It affects Data Center Expert versions 7.8.1 and earlier. Organizations using this data center infrastructure management software are at risk.

💻 Affected Systems

Products:
  • StruxureWare Data Center Expert
Versions: 7.8.1 and prior
Operating Systems: Windows Server (typically)
Default Config Vulnerable: ⚠️ Yes
Notes: All installations of affected versions are vulnerable by default. No special configuration required for exploitation.

📦 What is this software?

StruxureWare Data Center Expert is Schneider Electric's data center infrastructure management (DCIM) software.
⚠️ Risk & Real-World Impact

🔴 Worst Case

Full system compromise with attacker gaining administrative control over the Data Center Expert server, potentially accessing sensitive infrastructure data and executing arbitrary commands.

🟠 Likely Case

Unauthorized file access leading to information disclosure of configuration files, credentials, or sensitive infrastructure data.

🟢 If Mitigated

Limited impact with proper network segmentation and access controls preventing external exploitation.

🌐 Internet-Facing: HIGH - If exposed to the internet, attackers can exploit this without authentication to potentially gain full control.
🏢 Internal Only: MEDIUM - Internal attackers or compromised internal systems could exploit this to escalate privileges or access sensitive data.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Path traversal vulnerabilities typically have low exploitation complexity. The advisory suggests remote code execution is possible, indicating significant impact potential.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 7.9.0 or later

Vendor Advisory: https://www.se.com/ww/en/download/document/SEVD-2021-257-03/

Restart Required: Yes

Instructions:

1. Download Data Center Expert version 7.9.0 or later from the Schneider Electric portal.
2. Back up the current configuration and data.
3. Install the updated version following vendor documentation.
4. Restart the Data Center Expert service.

🔧 Temporary Workarounds

Network Segmentation (applies to: all)

Isolate the Data Center Expert server from untrusted networks and the internet.

Access Control Restrictions (applies to: all)

Implement strict firewall rules to limit access to the Data Center Expert web interface.

🧯 If You Can't Patch

  • Implement strict network segmentation to isolate the Data Center Expert server from untrusted networks
  • Deploy web application firewall (WAF) with path traversal protection rules

🔍 How to Verify

Check if Vulnerable:

Check Data Center Expert version in web interface or installation directory. Versions 7.8.1 and earlier are vulnerable.

Check Version:

Check web interface login page or application properties file for version information

Verify Fix Applied:

Verify installation of version 7.9.0 or later through the web interface or application properties.

📡 Detection & Monitoring

Log Indicators:

  • Unusual file access patterns in web server logs
  • Multiple failed path traversal attempts
  • Access to files outside normal web directory

Network Indicators:

  • HTTP requests containing '../' sequences or directory traversal patterns
  • Unusual outbound connections from Data Center Expert server

SIEM Query:

web_access_logs AND (url CONTAINS "../" OR url CONTAINS "..\\" OR url CONTAINS "%2e%2e%2f")
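The SIEM query above matches literal substrings, so a double-encoded request (%252e%252e%252f) or a mixed-separator one slips past it. The following added Python example (not from the advisory or from Schneider Electric) applies the same three indicators to access-log lines after repeated URL decoding and separator normalisation, and flags only real ".." path segments so that a filename like report..pdf is not a false positive. The log lines, IPs and paths are constructed.

```python
"""Flag path-traversal attempts in web access logs (added example, constructed data)."""
import re
from urllib.parse import unquote

# Constructed sample lines in common log format; hosts and paths are made up.
SAMPLE_LOG = """\
10.0.0.5 - - [10/Oct/2021:13:55:36 +0000] "GET /dashboard/index.html HTTP/1.1" 200 5123
10.0.0.9 - - [10/Oct/2021:13:55:40 +0000] "GET /static/../../../../etc/passwd HTTP/1.1" 404 210
10.0.0.9 - - [10/Oct/2021:13:55:41 +0000] "GET /static/%2e%2e%2f%2e%2e%2fconfig.properties HTTP/1.1" 200 812
10.0.0.9 - - [10/Oct/2021:13:55:42 +0000] "GET /static/%252e%252e%252fwin.ini HTTP/1.1" 200 44
10.0.0.9 - - [10/Oct/2021:13:55:43 +0000] "GET /static/..\\..\\boot.ini HTTP/1.1" 200 44
10.0.0.7 - - [10/Oct/2021:13:56:00 +0000] "GET /files/report..pdf HTTP/1.1" 200 9000
"""

LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>[A-Z]+) (?P<path>\S+) HTTP/[\d.]+" (?P<status>\d{3})'
)


def normalize_path(raw):
    """Drop the query string, undo (possibly repeated) URL encoding, unify separators."""
    path = raw.split("?", 1)[0]
    for _ in range(3):  # %252e -> %2e -> . ; stop when decoding changes nothing
        decoded = unquote(path)
        if decoded == path:
            break
        path = decoded
    return path.replace("\\", "/")


def is_traversal(raw_path):
    """True only when a whole '..' segment is present, not for names like report..pdf."""
    return any(seg == ".." for seg in normalize_path(raw_path).split("/"))


def scan_log(text):
    """Return one dict per request whose path contains a traversal segment."""
    hits = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if m and is_traversal(m.group("path")):
            hits.append({"ip": m.group("ip"), "status": int(m.group("status")),
                         "raw": m.group("path"), "normalized": normalize_path(m.group("path"))})
    return hits


def attempts_by_client(hits):
    """Count flagged requests per source IP (repeated attempts are the stronger signal)."""
    counts = {}
    for h in hits:
        counts[h["ip"]] = counts.get(h["ip"], 0) + 1
    return counts
```

A status of 200 on a flagged request (rather than 404) is the line worth escalating, since it suggests the file outside the web root was actually served.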
