A CWE-125: Out-of-Bounds Read vulnerability exists in the Web Server on Modicon M340, Modicon Quantum and Modicon Premium Legacy offers and their Communication Modules (see notification for details) which could cause a segmentation fault or a buffer overflow when uploading a specially crafted file on the controller over FTP.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
schneider-electric modicon tsxety4103 firmware |
||
schneider-electric modicon tsxety5103 firmware |
||
schneider-electric modicon tsxp574634 firmware |
||
schneider-electric modicon tsxp575634 firmware |
||
schneider-electric modicon tsxp576634 firmware |
||
schneider-electric modicon quantum 140noe77101 firmware |
||
schneider-electric modicon quantum 140noe77111 firmware |
||
schneider-electric modicon quantum 140noc78100 firmware |
||
schneider-electric modicon quantum 140cpu65150 firmware |
||
schneider-electric modicon quantum 140cpu65150c firmware |
||
schneider-electric modicon quantum 140cpu65160c firmware |
||
schneider-electric modicon quantum 140cpu65160 firmware |
||
schneider-electric modicon m340 bmx p34-2010 firmware |
||
schneider-electric modicon m340 bmx p34-2030 firmware |
||
schneider-electric modicon m340 bmx noc 0401 firmware |
||
schneider-electric modicon m340 bmx noe 0100 firmware |
||
schneider-electric modicon m340 bmx noe 0100h firmware |
||
schneider-electric modicon m340 bmx noe 0110 firmware |
||
schneider-electric modicon m340 bmx noe 0110h firmware |
||
schneider-electric modicon m340 bmx nor 0200h firmware |