Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
10
CVSSv2

CVE-2015-7937

Published: 21/12/2015 Updated: 10/04/2024
CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10
VMScore: 890
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Subscribe to Schneider-electric

Vulnerability Summary

Stack-based buffer overflow in the GoAhead Web Server on Schneider Electric Modicon M340 PLC BMXNOx and BMXPx devices allows remote malicious users to execute arbitrary code via a long password in HTTP Basic Authentication data.

Vulnerable Product Search on Vulmon Subscribe to Product

schneider-electric bmxnoe0110h -

schneider-electric bmxpra0100 -

schneider-electric bmxnoc0401 -

schneider-electric bmxnor0200h -

schneider-electric bmxnoe0100 -

schneider-electric bmxnor0200 -

schneider-electric bmxnoe0110 -

schneider-electric bmxnoe0100h -

schneider-electric modicon m340 bmxp342020 -

schneider-electric modicon m340 bmxp342030 -

schneider-electric modicon m340 bmxp3420302 -

schneider-electric modicon m340 bmxp342020h -

schneider-electric modicon m340 bmxp3420302h -

References

CWE-119http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2015-344-01https://ics-cert.us-cert.gov/advisories/ICSA-15-351-01http://www.securityfocus.com/bid/79622https://nvd.nist.gov
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4671unauthorizedCVE-2024-4776CVE-2024-3407CVE-2024-26026CVE-2024-32888wirelessCVE-2024-4656template injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook