Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
momentum vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2023-35069
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Bullwark allows Path Traversal.This issue affects Bullwark: before BLW-2016E-960H.
Biges Bullwark Momentum Series
7.5
CVSSv3
CVE-2021-22786
A CWE-200: Information Exposure vulnerability exists that could cause the exposure of sensitive information stored on the memory of the controller when communicating over the Modbus TCP protocol. Affected Products: Modicon M340 CPU (part numbers BMXP34*) (Versions prior to V3.30)...
Schneider-electric Modicon M340 Bmxp341000 Firmware
Schneider-electric Modicon M340 Bmxp342000 Firmware
Schneider-electric Modicon M340 Bmxp342010 Firmware
Schneider-electric Modicon M340 Bmxp3420102 Firmware
Schneider-electric Modicon M340 Bmxp342020 Firmware
Schneider-electric Modicon M340 Bmxp342020h Firmware
Schneider-electric Modicon M340 Bmxp342030 Firmware
Schneider-electric Modicon M340 Bmxp3420302 Firmware
Schneider-electric Modicon M340 Bmxp3420302h Firmware
Schneider-electric Modicon M340 Bmxp342030h Firmware
Schneider-electric Modicon M580 Bmeh582040 Firmware
Schneider-electric Modicon M580 Bmeh582040c Firmware
Schneider-electric Modicon M580 Bmeh582040s Firmware
Schneider-electric Modicon M580 Bmeh584040 Firmware
Schneider-electric Modicon M580 Bmeh584040c Firmware
Schneider-electric Modicon M580 Bmeh584040s Firmware
Schneider-electric Modicon M580 Bmeh586040 Firmware
Schneider-electric Modicon M580 Bmeh586040c Firmware
Schneider-electric Modicon M580 Bmeh586040s Firmware
Schneider-electric Modicon M580 Bmep581020 Firmware
Schneider-electric Modicon M580 Bmep581020h Firmware
Schneider-electric Modicon M580 Bmep582020 Firmware
9.8
CVSSv3
CVE-2022-45788
A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists that could cause arbitrary code execution, denial of service and loss of confidentiality & integrity when a malicious project file is loaded onto the controller. Affected Products: EcoStruxur...
Schneider-electric Ecostruxure Control Expert
Schneider-electric Ecostruxure Process Expert
Schneider-electric Modicon M340 Bmxp341000 Firmware -
Schneider-electric Modicon M340 Bmxp342000 Firmware -
Schneider-electric Modicon M340 Bmxp342010 Firmware -
Schneider-electric Modicon M340 Bmxp3420102 Firmware -
Schneider-electric Modicon M340 Bmxp342020 Firmware -
Schneider-electric Modicon M340 Bmxp342020h Firmware -
Schneider-electric Modicon M340 Bmxp342030 Firmware -
Schneider-electric Modicon M340 Bmxp3420302 Firmware -
Schneider-electric Modicon M340 Bmxp3420302h Firmware -
Schneider-electric Modicon M340 Bmxp342030h Firmware -
Schneider-electric Modicon M580 Bmeh582040 Firmware -
Schneider-electric Modicon M580 Bmeh582040c Firmware -
Schneider-electric Modicon M580 Bmeh582040s Firmware -
Schneider-electric Modicon M580 Bmeh584040 Firmware -
Schneider-electric Modicon M580 Bmeh584040c Firmware -
Schneider-electric Modicon M580 Bmeh584040s Firmware -
Schneider-electric Modicon M580 Bmeh586040 Firmware -
Schneider-electric Modicon M580 Bmeh586040c Firmware -
Schneider-electric Modicon M580 Bmeh586040s Firmware -
Schneider-electric Modicon M580 Bmep581020 Firmware -
7.5
CVSSv3
CVE-2022-37301
A CWE-191: Integer Underflow (Wrap or Wraparound) vulnerability exists that could cause a denial of service of the controller due to memory access violations when using the Modbus TCP protocol. Affected products: Modicon M340 CPU (part numbers BMXP34*)(V3.40 and prior), Modicon M...
Schneider-electric Modicon M340 Bmx P34-2010 Firmware
Schneider-electric Modicon M340 Bmx P34-2030 Firmware
Schneider-electric Modicon M580 Bmeh582040 Firmware
Schneider-electric Modicon M580 Bmeh582040c Firmware
Schneider-electric Modicon M580 Bmeh582040s Firmware
Schneider-electric Modicon M580 Bmeh584040 Firmware
Schneider-electric Modicon M580 Bmeh584040c Firmware
Schneider-electric Modicon M580 Bmeh584040s Firmware
Schneider-electric Modicon M580 Bmeh586040 Firmware
Schneider-electric Modicon M580 Bmeh586040c Firmware
Schneider-electric Modicon M580 Bmeh586040s Firmware
Schneider-electric Modicon M580 Bmep581020 Firmware
Schneider-electric Modicon M580 Bmep581020h Firmware
Schneider-electric Modicon M580 Bmep582020 Firmware
Schneider-electric Modicon M580 Bmep582020h Firmware
Schneider-electric Modicon M580 Bmep582040 Firmware
Schneider-electric Modicon M580 Bmep582040h Firmware
Schneider-electric Modicon M580 Bmep582040s Firmware
Schneider-electric Modicon M580 Bmep583020 Firmware
Schneider-electric Modicon M580 Bmep583040 Firmware
Schneider-electric Modicon M580 Bmep584020 Firmware
Schneider-electric Modicon M580 Bmep584040 Firmware
6.5
CVSSv3
CVE-2021-22789
A CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability that could cause a Denial of Service on the Modicon PLC controller / simulator when updating the controller application with a specially crafted project file exists in Modicon M580 CP...
Schneider-electric Modicon M340 Bmxp341000 -
Schneider-electric Modicon M340 Bmxp342010 -
Schneider-electric Modicon M340 Bmxp342020 -
Schneider-electric Modicon M340 Bmxp342030 -
Schneider-electric Modicon M580 Bmeh582040 -
Schneider-electric Modicon M580 Bmeh582040c -
Schneider-electric Modicon M580 Bmeh582040s -
Schneider-electric Modicon M580 Bmeh584040 -
Schneider-electric Modicon M580 Bmeh584040c -
Schneider-electric Modicon M580 Bmeh584040s -
Schneider-electric Modicon M580 Bmeh586040 -
Schneider-electric Modicon M580 Bmeh586040c -
Schneider-electric Modicon M580 Bmeh586040s -
Schneider-electric Modicon M580 Bmep581020 -
Schneider-electric Modicon M580 Bmep581020h -
Schneider-electric Modicon M580 Bmep582020 -
Schneider-electric Modicon M580 Bmep582020h -
Schneider-electric Modicon M580 Bmep582040 -
Schneider-electric Modicon M580 Bmep582040h -
Schneider-electric Modicon M580 Bmep582040s -
Schneider-electric Modicon M580 Bmep583020 -
Schneider-electric Modicon M580 Bmep583040 -
6.5
CVSSv3
CVE-2021-22790
A CWE-125: Out-of-bounds Read vulnerability that could cause a Denial of Service on the Modicon PLC controller / simulator when updating the controller application with a specially crafted project file exists in Modicon M580 CPU (part numbers BMEP* and BMEH*, all versions), Modic...
Schneider-electric Modicon M340 Bmxp341000 -
Schneider-electric Modicon M340 Bmxp342010 -
Schneider-electric Modicon M340 Bmxp342020 -
Schneider-electric Modicon M340 Bmxp342030 -
Schneider-electric Modicon M580 Bmeh582040 -
Schneider-electric Modicon M580 Bmeh582040c -
Schneider-electric Modicon M580 Bmeh582040s -
Schneider-electric Modicon M580 Bmeh584040 -
Schneider-electric Modicon M580 Bmeh584040c -
Schneider-electric Modicon M580 Bmeh584040s -
Schneider-electric Modicon M580 Bmeh586040 -
Schneider-electric Modicon M580 Bmeh586040c -
Schneider-electric Modicon M580 Bmeh586040s -
Schneider-electric Modicon M580 Bmep581020 -
Schneider-electric Modicon M580 Bmep581020h -
Schneider-electric Modicon M580 Bmep582020 -
Schneider-electric Modicon M580 Bmep582020h -
Schneider-electric Modicon M580 Bmep582040 -
Schneider-electric Modicon M580 Bmep582040h -
Schneider-electric Modicon M580 Bmep582040s -
Schneider-electric Modicon M580 Bmep583020 -
Schneider-electric Modicon M580 Bmep583040 -
6.5
CVSSv3
CVE-2021-22791
A CWE-787: Out-of-bounds Write vulnerability that could cause a Denial of Service on the Modicon PLC controller / simulator when updating the controller application with a specially crafted project file exists in Modicon M580 CPU (part numbers BMEP* and BMEH*, all versions), Modi...
Schneider-electric Modicon M340 Bmxp341000 -
Schneider-electric Modicon M340 Bmxp342010 -
Schneider-electric Modicon M340 Bmxp342020 -
Schneider-electric Modicon M340 Bmxp342030 -
Schneider-electric Modicon M580 Bmeh582040 -
Schneider-electric Modicon M580 Bmeh582040c -
Schneider-electric Modicon M580 Bmeh582040s -
Schneider-electric Modicon M580 Bmeh584040 -
Schneider-electric Modicon M580 Bmeh584040c -
Schneider-electric Modicon M580 Bmeh584040s -
Schneider-electric Modicon M580 Bmeh586040 -
Schneider-electric Modicon M580 Bmeh586040c -
Schneider-electric Modicon M580 Bmeh586040s -
Schneider-electric Modicon M580 Bmep581020 -
Schneider-electric Modicon M580 Bmep581020h -
Schneider-electric Modicon M580 Bmep582020 -
Schneider-electric Modicon M580 Bmep582020h -
Schneider-electric Modicon M580 Bmep582040 -
Schneider-electric Modicon M580 Bmep582040h -
Schneider-electric Modicon M580 Bmep582040s -
Schneider-electric Modicon M580 Bmep583020 -
Schneider-electric Modicon M580 Bmep583040 -
7.5
CVSSv3
CVE-2021-22792
A CWE-476: NULL Pointer Dereference vulnerability that could cause a Denial of Service on the Modicon PLC controller / simulator when updating the controller application with a specially crafted project file exists in Modicon M580 CPU (part numbers BMEP* and BMEH*, all versions),...
Schneider-electric Modicon M340 Bmxp341000 -
Schneider-electric Modicon M340 Bmxp342010 -
Schneider-electric Modicon M340 Bmxp342020 -
Schneider-electric Modicon M340 Bmxp342030 -
Schneider-electric Modicon M580 Bmeh582040 -
Schneider-electric Modicon M580 Bmeh582040c -
Schneider-electric Modicon M580 Bmeh582040s -
Schneider-electric Modicon M580 Bmeh584040 -
Schneider-electric Modicon M580 Bmeh584040c -
Schneider-electric Modicon M580 Bmeh584040s -
Schneider-electric Modicon M580 Bmeh586040 -
Schneider-electric Modicon M580 Bmeh586040c -
Schneider-electric Modicon M580 Bmeh586040s -
Schneider-electric Modicon M580 Bmep581020 -
Schneider-electric Modicon M580 Bmep581020h -
Schneider-electric Modicon M580 Bmep582020 -
Schneider-electric Modicon M580 Bmep582020h -
Schneider-electric Modicon M580 Bmep582040 -
Schneider-electric Modicon M580 Bmep582040h -
Schneider-electric Modicon M580 Bmep582040s -
Schneider-electric Modicon M580 Bmep583020 -
Schneider-electric Modicon M580 Bmep583040 -
6.8
CVSSv3
CVE-2018-12323
An issue exists on Momentum Axel 720P 5.1.8 devices. A password of EHLGVG is hard-coded for the root and admin accounts, which makes it easier for physically proximate malicious users to login at the console.
Apollotechnologiesinc Momentum Axel 720p
Apollotechnologiesinc Momentum Axel 720p Firmware 5.1.8
4.4
CVSSv3
CVE-2018-12257
An issue exists on Momentum Axel 720P 5.1.8 devices. There is Authenticated Custom Firmware Upgrade via DNS Hijacking. An authenticated root user with CLI access is able to remotely upgrade firmware to a custom image due to lack of SSL validation by changing the nameservers in /e...
Apollotechnologiesinc Momentum Axel 720p Firmware 5.1.8
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27842
CVE-2024-30657
CVE-2024-4534
hardcoded
SSRF
CVE-2024-21683
CVE-2024-5364
file upload
CVE-2024-5371
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »