Improper input validation in Indusoft Web_studio

CVE-2015-7375

Schneider Electric InduSoft Web Studio before 8.0 allows remote attackers to execute arbitrary code or cause a denial of service (unhandled runtime exception and application crash) via a crafted Indusoft Project file.

Vulnerability class: Drupalgeddon 2 (CVE-2018-7600)

EPSS: 0.008 (74.2th percentile) — read the EPSS interpretation.