A vulnerability, which was classified as critical , has been found in Acrel Electrical EEMS Enterprise Power Operation and Maintenance Cloud Platform 3000WEBV2 . Affected by this vulnerability is an unknown functionality of the file /SubstationWEBV2/app/..;/calc/getCalcmeterDetailDayListTree . Performing a manipulation of the argument sort results in sql injection. This vulnerability is identified as CVE-2026-9523 . The attack can be initiated remotely. Additionally, an exploit exists. The vendo