A CWE-255: Credentials Management vulnerability exists in Web Server on Modicon M340, Modicon Quantum and ModiconPremium Legacy offers and their Communication Modules (see security notification for version information) which could cause the execution of commands on the webserver without authentication when sending specially crafted HTTP requests.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
schneider-electric modicon_m340_bmxp3420302_firmware |
||
schneider-electric modicon_m340_bmxp342000_firmware |
||
schneider-electric modicon_m340_bmxp341000_firmware |
||
schneider-electric modicon_m340_bmxp3420102_firmware |
||
schneider-electric bmxnoe0100_firmware |
||
schneider-electric bmxnoe0110_firmware |
||
schneider-electric bmxnoc0401_firmware |
||
schneider-electric tsxp574634_firmware |
||
schneider-electric tsxp575634_firmware |
||
schneider-electric tsxp576634_firmware |
||
schneider-electric tsxety4103_firmware |
||
schneider-electric tsxety5103_firmware |
||
schneider-electric 140noe77111_firmware |
||
schneider-electric 140noc78000_firmware |
||
schneider-electric 140noc77101_firmware |
||
schneider-electric 140cpu65260_firmware |