Acrel Electrical EEMS Enterprise Power Operation and Maintenance Cloud Platform...

6.9 / 10

MEDIUM

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P

Description

A vulnerability was determined in Acrel Electrical EEMS Enterprise Power Operation and Maintenance Cloud Platform 1.3.0. Affected by this issue is some unknown functionality of the file /SubstationWEBV2/app/..;/main/upfile. Executing a manipulation of the argument path can lead to path traversal. The attack may be performed from remote. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.

Basic Information

ID CVE-2026-9550

Source VulDB

Published May 26, 2026 at 13:30

Affected Product

Vendor Acrel Electrical

Product EEMS Enterprise Power Operation and Maintenance Cloud Platform

Version 1.3.0

Affected Versions Acrel Electrical EEMS Enterprise Power Operation and Maintenance Cloud Platform 1.3.0

CWE Classification

CWE-22

References

{
    "lastseen": "",
    "description": "A vulnerability was determined in Acrel Electrical EEMS Enterprise Power Operation and Maintenance Cloud Platform 1.3.0. Affected by this issue is some unknown functionality of the file /SubstationWEBV2/app/..;/main/upfile. Executing a manipulation of the argument path can lead to path traversal. The attack may be performed from remote. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.",
    "published": "2026-05-26T13:30:39.652Z",
    "modified": "2026-05-26T13:30:39.652Z",
    "type": "cve",
    "title": "Acrel Electrical EEMS Enterprise Power Operation and Maintenance Cloud Platform upfile path traversal",
    "source": "VulDB",
    "references": "https://vuldb.com/vuln/365609\nhttps://vuldb.com/vuln/365609/cti\nhttps://vuldb.com/submit/815455\nhttps://ucn9h68n9289.feishu.cn/wiki/FC6swHuyqiLVyfkwKcNc8sCjnfb",
    "id": "CVE-2026-9550",
    "bulletinFamily": "",
    "cwe": [
        "CWE-22"
    ],
    "cvelist": null,
    "sourceData": "Acrel Electrical EEMS Enterprise Power Operation and Maintenance Cloud Platform 1.3.0",
    "sourceHref": "",
    "cvss": {
        "score": 6.9,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "EEMS Enterprise Power Operation and Maintenance Cloud Platform",
    "version": "1.3.0",
    "vendor": "Acrel Electrical",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

Acrel Electrical EEMS Enterprise Power Operation and Maintenance Cloud Platform upfile path traversal_CVE-2026-9550