Schneider Electric Web Admin POST /logsettings Log Truncation Vulnerability
CVE-2026-2403 Published on April 14, 2026

CWE-1284 Improper Validation of Specified Quantity in Input vulnerability exists that could cause Event and Data Log truncation impacting log integrity when a Web Admin user alters the POST /logsettings request payload.

NVD

Weakness Type

Improper Validation of Specified Quantity in Input

The product receives input that is expected to specify a quantity (such as size or length), but it does not validate or incorrectly validates that the quantity has the required properties.

Affected Versions

Schneider Electric PowerChute™ Serial Shutdown Version Versions 1.4 and prior is affected by CVE-2026-2403

Schneider Electric Web Admin POST /logsettings Log Truncation VulnerabilityCVE-2026-2403 Published on April 14, 2026

Weakness Type

Improper Validation of Specified Quantity in Input

Affected Versions

Schneider Electric Web Admin POST /logsettings Log Truncation Vulnerability
CVE-2026-2403 Published on April 14, 2026