Product

EEMS Enterprise Power Operation and Maintenance Cloud Platform 3000WEBV2

1 brief RSS

Acrel Electrical EEMS Enterprise Power Operation and Maintenance Cloud Platform SQL Injection Vulnerability (CVE-2026-9523)

A SQL injection vulnerability (CVE-2026-9523) exists in Acrel Electrical EEMS Enterprise Power Operation and Maintenance Cloud Platform 3000WEBV2, where manipulating the 'sort' argument in the '/SubstationWEBV2/app/..;/calc/getCalcmeterDetailDayListTree' file leads to remote code execution, and is publicly known and actively exploited.

exploited EEMS Enterprise Power Operation and Maintenance Cloud Platform 3000WEBV2 sql-injection cve-2026-9523 web-application

1r 1t 1c 58m ago