4 matches found
Design/Logic Flaw
A cleartext transmission of sensitive information vulnerability exists in Schneider Electric's 66074 MGE Network Management Card Transverse installed in MGE UPS and MGE STS. he integrated web server Port 80/443/TCP of the affected devices could allow remote attackers to discover an administrative...
CVE-2018-7245
The CVE-2018-7245 vulnerability affects Schneider Electric’s 66074 MGE Network Management Card Transverse (installed in MGE UPS and MGE STS). Root cause: improper authorization in the device’s integrated web server (HTTP/HTTPS) that could allow an unauthenticated, remote attacker to modify UPS co...
CVE-2018-7244
An information disclosure vulnerability exists In Schneider Electric's 66074 MGE Network Management Card Transverse installed in MGE UPS and MGE STS. The integrated web server Port 80/443/TCP of the affected devices could allow a remote attacker to obtain sensitive device information if network...
CVE-2018-7243
Schneider Electric 66074 MGE Network Management Card Transverse in MGE UPS/MGE STS is affected by CVE-2018-7243, an authorization bypass via the device's integrated web server (ports 80/443/TCP). The vulnerability allows a remote attacker to gain full access to the device by bypassing authenticat...