EUVD-2018-18985

🗓️ 07 Oct 2025 00:30:54Reported by EUVDType

Sensitive information transmission vulnerability in Schneider Electric's MGE Network Management Card devices.

Reporter	Title	Published	Views	Family All 6
CNVD	Schneider Electric MGE UPS and MGE STS 66074 MGE Network Management Card Transverse Sensitive Information Vulnerability (CNVD-2018-11132)	10 May 201800:00	–	cnvd
CVE	CVE-2018-7246	18 Apr 201820:00	–	cve
Cvelist	CVE-2018-7246	18 Apr 201820:00	–	cvelist
NVD	CVE-2018-7246	18 Apr 201820:29	–	nvd
Prion	Design/Logic Flaw	18 Apr 201820:29	–	prion
Positive Technologies	PT-2018-38: Information Disclosure in APC Uninterrupted Power Supplies	20 Feb 201600:00	–	ptsecurity

[
  {
    "enisaIdVendor": [
      {
        "id": "cb8ccbad-bb22-3f14-aef3-4d98b35ee024",
        "vendor": {
          "name": "Schneider Electric SE"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "fb6ac583-4779-36bd-826f-ca8231093f53",
        "product": {
          "name": "66074 MGE Network Management Card Transverse installed in MGE UPS and MGE STS"
        },
        "product_version": "MGE Network Management Card Transverse, part number: SF66074. All card versions affected, when installed in following products: MGE Galaxy 5000, MGE Galaxy 6000, MGE Galaxy 9000, MGE EPS 7000, MGE EPS 8000, MGE EPS 6000, MGE Comet UPS, MGE Galaxy PW, MGE Galaxy 3000, MGE Galaxy 4000"
      }
    ]
  }
]

Source	Link
schneider-electric	www.schneider-electric.com/en/download/document/SEVD-2018-074-01/
github	www.github.com/advisories/GHSA-293c-r3p4-g63r

07 Oct 2025 00:30Current

9.5High risk

Vulners AI Score9.5

CVSS 39.8

CVSS 25

EPSS0.00151