Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
schneider-electric u.motion vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2019-6835
A Cross-Site Scripting (XSS) CWE-79 vulnerability exists in U.motion Server (MEG6501-0001 - U.motion KNX server, MEG6501-0002 - U.motion KNX Server Plus, MEG6260-0410 - U.motion KNX Server Plus, Touch 10, MEG6260-0415 - U.motion KNX Server Plus, Touch 15), which could allow an ma...
Schneider-electric Meg6501-0001 Firmware
Schneider-electric Meg6501-0002 Firmware
Schneider-electric Meg6260-0410 Firmware
Schneider-electric Meg6260-0415 Firmware
9.8
CVSSv3
CVE-2019-6840
A Format String: CWE-134 vulnerability exists in U.motion Server (MEG6501-0001 - U.motion KNX server, MEG6501-0002 - U.motion KNX Server Plus, MEG6260-0410 - U.motion KNX Server Plus, Touch 10, MEG6260-0415 - U.motion KNX Server Plus, Touch 15), which could allow an malicious use...
Schneider-electric Meg6501-0001 Firmware
Schneider-electric Meg6501-0002 Firmware
Schneider-electric Meg6260-0410 Firmware
Schneider-electric Meg6260-0415 Firmware
6.5
CVSSv3
CVE-2020-7499
A CWE-863: Incorrect Authorization vulnerability exists in U.motion Servers and Touch Panels (affected versions listed in the security notification) which could cause unauthorized access when a low privileged user makes unauthorized changes.
Schneider-electric Mtn6501-0001 Firmware
Schneider-electric Mtn6501-0002 Firmware
Schneider-electric Mtn6260-0410 Firmware
Schneider-electric Mtn6260-0415 Firmware
Schneider-electric Mtn6260-0310 Firmware
Schneider-electric Mtn6260-0315 Firmware
9.8
CVSSv3
CVE-2020-7500
A CWE-89:Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability exists in U.motion Servers and Touch Panels (affected versions listed in the security notification) which could cause arbitrary code to be executed when a malicio...
Schneider-electric Mtn6501-0001 Firmware
Schneider-electric Mtn6501-0002 Firmware
Schneider-electric Mtn6260-0410 Firmware
Schneider-electric Mtn6260-0415 Firmware
Schneider-electric Mtn6260-0310 Firmware
Schneider-electric Mtn6260-0315 Firmware
NA
CVE-2018-78412
Schneider Electric U.Motion Builder version 1.3.4 suffers from an unauthenticated command injection vulnerability in track_import_export.php.
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4