Analysis and contextual insights are available on OpenCVE Cloud.
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
No advisories yet.
Tue, 26 May 2026 13:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Tue, 26 May 2026 03:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | A vulnerability was detected in Acrel Electrical EEMS Enterprise Power Operation and Maintenance Cloud Platform 3000WEBV2. Affected by this vulnerability is an unknown functionality of the file /SubstationWEBV2/app/..;/calc/getCalcmeterDetailDayListTree. Performing a manipulation of the argument sort results in sql injection. The attack can be initiated remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | |
| Title | Acrel Electrical EEMS Enterprise Power Operation and Maintenance Cloud Platform getCalcmeterDetailDayListTree sql injection | |
| First Time appeared |
Acrel Electrical
Acrel Electrical eems Enterprise Power Operation And Maintenance Cloud Platform |
|
| Weaknesses | CWE-74 CWE-89 |
|
| CPEs | cpe:2.3:a:acrel_electrical:eems_enterprise_power_operation_and_maintenance_cloud_platform:*:*:*:*:*:*:*:* | |
| Vendors & Products |
Acrel Electrical
Acrel Electrical eems Enterprise Power Operation And Maintenance Cloud Platform |
|
| References |
| |
| Metrics |
cvssV2_0
|
Status: PUBLISHED
Assigner: VulDB
Published:
Updated: 2026-05-26T12:47:34.711Z
Reserved: 2026-05-25T19:24:03.684Z
Link: CVE-2026-9523
Updated: 2026-05-26T12:47:29.746Z
Status : Deferred
Published: 2026-05-26T04:16:27.370
Modified: 2026-06-17T11:05:26.100
Link: CVE-2026-9523
No data.
OpenCVE Enrichment
Updated: 2026-05-26T04:30:36Z