top of page
perceptive_background_267k.jpg

A vulnerability has been found in Acrel Electrical EEMS Enterprise Power Operation and Maintenance Cloud Platform 1.3.0. This affects an unknown function of the…

Published:

2 mei 2026 om 22:00:00

Alert date:

3 mei 2026 om 14:00:44

Source:

nvd.nist.gov

Click to open the original link from this advisory

Enterprise Applications, Critical Infrastructure, Database & Storage

A SQL injection vulnerability has been discovered in Acrel Electrical EEMS Enterprise Power Operation and Maintenance Cloud Platform version 1.3.0. The vulnerability affects the /SubstationWEBV2/main/elecMaxMinAvgValue file through manipulation of the fCircuitids parameter. The attack can be initiated remotely and the exploit has been publicly disclosed. The vendor was contacted about the disclosure but did not respond. This vulnerability poses a significant security risk as it allows remote attackers to potentially access or manipulate database information through SQL injection techniques.

Technical details

Mitigation steps:

Affected products:

Acrel Electrical EEMS Enterprise Power Operation and Maintenance Cloud Platform

Related links:

https://nvd.nist.gov/vuln/detail/CVE-2026-7695
https://ucn9h68n9289.feishu.cn/wiki/QoXfwTAOiiYw2OkO0vAc7b7SnGg
https://vuldb.com/submit/803275
https://vuldb.com/vuln/360864
https://vuldb.com/vuln/360864/cti

Related CVE's:

Related threat actors:

IOC's:

This article was created with the assistance of AI technology by Perceptive.

About us

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Deze website toont informatie afkomstig van externe bronnen; Perceptive aanvaardt geen verantwoordelijkheid voor de juistheid, volledigheid of actualiteit van deze informatie.

bottom of page