Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
schneider-electric vulnerabilities and exploits
(subscribe to this query)
8.1
CVSSv3
CVE-2023-25555
A CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability exists that could allow a user that knows the credentials to execute unprivileged shell commands on the appliance over SSH. Affected products: StruxureWar...
Schneider-electric Struxureware Data Center Expert
8.8
CVSSv3
CVE-2023-28003
A CWE-613: Insufficient Session Expiration vulnerability exists that could allow an malicious user to maintain unauthorized access over a hijacked session in PME after the legitimate user has signed out of their account.
Schneider-electric Ecostruxure Power Monitoring Expert
9.8
CVSSv3
CVE-2023-29411
A CWE-306: Missing Authentication for Critical Function vulnerability exists that could allow changes to administrative credentials, leading to potential remote code execution without requiring prior authentication on the Java RMI interface.
Schneider-electric Apc Easy Ups Online Monitoring Software
Schneider-electric Easy Ups Online Monitoring Software
9.8
CVSSv3
CVE-2023-29412
A CWE-78: Improper Handling of Case Sensitivity vulnerability exists that could cause remote code execution when manipulating internal methods through Java RMI interface.
Schneider-electric Apc Easy Ups Online Monitoring Software
Schneider-electric Easy Ups Online Monitoring Software
7.5
CVSSv3
CVE-2023-29413
A CWE-306: Missing Authentication for Critical Function vulnerability exists that could cause Denial-of-Service when accessed by an unauthenticated user on the Schneider UPS Monitor service.
Schneider-electric Apc Easy Ups Online Monitoring Software
Schneider-electric Easy Ups Online Monitoring Software
6.5
CVSSv3
CVE-2022-43378
A CWE-1021: Improper Restriction of Rendered UI Layers or Frames vulnerability exists that could cause the user to be tricked into performing unintended actions when external address frames are not properly restricted. Affected Products: NetBotz 4 - 355/450/455/550/570 (V4.7.0 a...
Schneider-electric Netbotz 355 Firmware
Schneider-electric Netbotz 450 Firmware
Schneider-electric Netbotz 455 Firmware
Schneider-electric Netbotz 550 Firmware
Schneider-electric Netbotz 570 Firmware
6.7
CVSSv3
CVE-2022-34755
A CWE-427 - Uncontrolled Search Path Element vulnerability exists that could allow an attacker with a local privileged account to place a specially crafted file on the target machine, which may give the attacker the ability to execute arbitrary code during the installation proce...
Schneider-electric Easergy Builder Installer
6.1
CVSSv3
CVE-2022-43376
A CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability exists that could cause code and session manipulation when malicious code is inserted into the browser. Affected Products: NetBotz 4 - 355/450/455/550/570 (V4.7...
Schneider-electric Netbotz 355 Firmware
Schneider-electric Netbotz 450 Firmware
Schneider-electric Netbotz 455 Firmware
Schneider-electric Netbotz 550 Firmware
Schneider-electric Netbotz 570 Firmware
7.5
CVSSv3
CVE-2022-43377
A CWE-307: Improper Restriction of Excessive Authentication Attempts vulnerability exists that could cause account takeover when a brute force attack is performed on the account. Affected Products: NetBotz 4 - 355/450/455/550/570 (V4.7.0 and prior)
Schneider-electric Netbotz 355 Firmware
Schneider-electric Netbotz 450 Firmware
Schneider-electric Netbotz 455 Firmware
Schneider-electric Netbotz 550 Firmware
Schneider-electric Netbotz 570 Firmware
8.8
CVSSv3
CVE-2023-25556
A CWE-287: Improper Authentication vulnerability exists that could allow a device to be compromised when a key of less than seven digits is entered and the attacker has access to the KNX installation.
Schneider-electric Merten Instabus Tastermodul 1fach System M Firmware 1.0
Schneider-electric Merten Instabus Tastermodul 2fach System M Firmware 1.0
Schneider-electric Merten Tasterschnittstelle 4fach Plus Firmware 1.0
Schneider-electric Merten Tasterschnittstelle 4fach Plus Firmware 1.2
Schneider-electric Merten Knx Argus 180\\/2\\,20m Up System Firmware 1.0
Schneider-electric Merten Jalousie-\\/schaltaktor Reg-k\\/8x\\/16x\\/10 M. Hb Firmware 1.0
Schneider-electric Merten Knx Uni-dimmaktor Ll Reg-k\\/2x230\\/300 W Firmware 1.0
Schneider-electric Merten Knx Uni-dimmaktor Ll Reg-k\\/2x230\\/300 W Firmware 1.1
Schneider-electric Merten Knx Schaltakt.2x6a Up M.2 Eing. Firmware 0.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »