Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
schneider-electric u.motion vulnerabilities and exploits
(subscribe to this query)
356
VMScore
CVE-2020-7499
A CWE-863: Incorrect Authorization vulnerability exists in U.motion Servers and Touch Panels (affected versions listed in the security notification) which could cause unauthorized access when a low privileged user makes unauthorized changes.
Schneider-electric Mtn6501-0001 Firmware
Schneider-electric Mtn6501-0002 Firmware
Schneider-electric Mtn6260-0410 Firmware
Schneider-electric Mtn6260-0415 Firmware
Schneider-electric Mtn6260-0310 Firmware
Schneider-electric Mtn6260-0315 Firmware
668
VMScore
CVE-2020-7500
A CWE-89:Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability exists in U.motion Servers and Touch Panels (affected versions listed in the security notification) which could cause arbitrary code to be executed when a malicio...
Schneider-electric Mtn6501-0001 Firmware
Schneider-electric Mtn6501-0002 Firmware
Schneider-electric Mtn6260-0410 Firmware
Schneider-electric Mtn6260-0415 Firmware
Schneider-electric Mtn6260-0310 Firmware
Schneider-electric Mtn6260-0315 Firmware
668
VMScore
CVE-2019-6840
A Format String: CWE-134 vulnerability exists in U.motion Server (MEG6501-0001 - U.motion KNX server, MEG6501-0002 - U.motion KNX Server Plus, MEG6260-0410 - U.motion KNX Server Plus, Touch 10, MEG6260-0415 - U.motion KNX Server Plus, Touch 15), which could allow an malicious use...
Schneider-electric Meg6501-0001 Firmware
Schneider-electric Meg6501-0002 Firmware
Schneider-electric Meg6260-0410 Firmware
Schneider-electric Meg6260-0415 Firmware
445
VMScore
CVE-2019-6836
A CWE-863: Incorrect Authorization vulnerability exists in U.motion Server (MEG6501-0001 - U.motion KNX server, MEG6501-0002 - U.motion KNX Server Plus, MEG6260-0410 - U.motion KNX Server Plus, Touch 10, MEG6260-0415 - U.motion KNX Server Plus, Touch 15), which could allow the fi...
Schneider-electric Meg6501-0001 Firmware
Schneider-electric Meg6501-0002 Firmware
Schneider-electric Meg6260-0410 Firmware
Schneider-electric Meg6260-0415 Firmware
570
VMScore
CVE-2019-6837
A Server-Side Request Forgery (SSRF): CWE-918 vulnerability exists in U.motion Server (MEG6501-0001 - U.motion KNX server, MEG6501-0002 - U.motion KNX Server Plus, MEG6260-0410 - U.motion KNX Server Plus, Touch 10, MEG6260-0415 - U.motion KNX Server Plus, Touch 15), which could c...
Schneider-electric Meg6501-0001 Firmware
Schneider-electric Meg6501-0002 Firmware
Schneider-electric Meg6260-0410 Firmware
Schneider-electric Meg6260-0415 Firmware
312
VMScore
CVE-2019-6835
A Cross-Site Scripting (XSS) CWE-79 vulnerability exists in U.motion Server (MEG6501-0001 - U.motion KNX server, MEG6501-0002 - U.motion KNX Server Plus, MEG6260-0410 - U.motion KNX Server Plus, Touch 10, MEG6260-0415 - U.motion KNX Server Plus, Touch 15), which could allow an ma...
Schneider-electric Meg6501-0001 Firmware
Schneider-electric Meg6501-0002 Firmware
Schneider-electric Meg6260-0410 Firmware
Schneider-electric Meg6260-0415 Firmware
490
VMScore
CVE-2019-6838
A CWE-863: Incorrect Authorization vulnerability exists in U.motion Server (MEG6501-0001 - U.motion KNX server, MEG6501-0002 - U.motion KNX Server Plus, MEG6260-0410 - U.motion KNX Server Plus, Touch 10, MEG6260-0415 - U.motion KNX Server Plus, Touch 15), which could allow a user...
Schneider-electric Meg6501-0001 Firmware
Schneider-electric Meg6501-0002 Firmware
Schneider-electric Meg6260-0410 Firmware
Schneider-electric Meg6260-0415 Firmware
578
VMScore
CVE-2019-6839
A CWE-434: Unrestricted Upload of File with Dangerous Type vulnerability exists in U.motion Server (MEG6501-0001 - U.motion KNX server, MEG6501-0002 - U.motion KNX Server Plus, MEG6260-0410 - U.motion KNX Server Plus, Touch 10, MEG6260-0415 - U.motion KNX Server Plus, Touch 15), ...
Schneider-electric Meg6501-0001 Firmware
Schneider-electric Meg6501-0002 Firmware
Schneider-electric Meg6260-0410 Firmware
Schneider-electric Meg6260-0415 Firmware
755
VMScore
CVE-2018-7841
A SQL Injection (CWE-89) vulnerability exists in U.motion Builder software version 1.3.4 which could cause unwanted code execution when an improper set of characters is entered.
Schneider-electric U.motion Builder 1.3.4
1 EDB exploit
NA
CVE-2018-78412
Schneider Electric U.Motion Builder version 1.3.4 suffers from an unauthenticated command injection vulnerability in track_import_export.php.
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »