CVE-2026-9550 | Acrel Electrical EEMS Enterprise Power Operation and Maintenance Cloud Platform upfile path traversal

A vulnerability described as critical has been identified in Acrel Electrical EEMS Enterprise Power Operation and Maintenance Cloud Platform 1.3.0. Affected by this issue is some unknown functionality of the file /SubstationWEBV2/app/..;/main/upfile. Executing a manipulation of the argument path can lead to path traversal.

This vulnerability appears as CVE-2026-9550. The attack may be performed from remote. In addition, an exploit is available.

The vendor was contacted early about this disclosure but did not respond in any way.VulDB Recent EntriesRead More