359 matches found
Schneider Modicon SCADA Ladder Logic Upload/Download
A vulnerability has been reported in Schneider Electric Modicon Quantum. The vulnerability is due to the use of unauthenticated administrative function...
Schneider Modicon SCADA Remote START/STOP Command
A vulnerability has been reported in Schneider Electric Modicon Quantum. The vulnerability is due to the use of unauthenticated administrative function...
Schneider Modicon Quantum Password Recovery
The Schneider Modicon Quantum series of Ethernet cards store usernames and passwords for the system in files that may be retrieved via backdoor access. This module is based on the original 'modiconpass.rb' Basecamp module from DigitalBond. This module requires Metasploit:...
CVE-2012-0930
Cross-site scripting XSS vulnerability in Schneider Electric Modicon Quantum PLC allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2012-0929
Multiple buffer overflows in Schneider Electric Modicon Quantum PLC allow remote attackers to cause a denial of service via malformed requests to the 1 FTP server or 2 HTTP server...
CVE-2012-0931
Schneider Electric Modicon Quantum PLC does not perform authentication between the Unity software and PLC, which allows remote attackers to cause a denial of service or possibly execute arbitrary code via unspecified vectors...
Authentication flaw
Schneider Electric Modicon Quantum PLC does not perform authentication between the Unity software and PLC, which allows remote attackers to cause a denial of service or possibly execute arbitrary code via unspecified vectors...
Buffer overflow
Multiple buffer overflows in Schneider Electric Modicon Quantum PLC allow remote attackers to cause a denial of service via malformed requests to the 1 FTP server or 2 HTTP server...
Cross site scripting
Cross-site scripting XSS vulnerability in Schneider Electric Modicon Quantum PLC allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2012-0931
CVE-2012-0931 concerns Schneider Electric Modicon Quantum PLC. The issue is an authentication gap between the Unity software and the PLC, allowing remote attackers to cause a denial of service or potentially execute arbitrary code via unspecified vectors. Several connected sources (NVD, Tenable O...
CVE-2012-0929
Schneider Electric Modicon Quantum PLC is affected by CVE-2012-0929 due to multiple buffer overflows in the PLC’s FTP and HTTP servers. Remote attackers can trigger a denial of service by sending malformed requests to either service. The publicly available details show the impact as DoS with netw...
CVE-2012-0930
Cross-site scripting XSS vulnerability in Schneider Electric Modicon Quantum PLC allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2012-0931
Schneider Electric Modicon Quantum PLC does not perform authentication between the Unity software and PLC, which allows remote attackers to cause a denial of service or possibly execute arbitrary code via unspecified vectors...
CVE-2012-0929
Multiple buffer overflows in Schneider Electric Modicon Quantum PLC allow remote attackers to cause a denial of service via malformed requests to the 1 FTP server or 2 HTTP server...
CVE-2012-0930
The CVE-2012-0930 entry concerns the Schneider Electric Modicon Quantum PLC. All connected sources describe a Cross-Site Scripting (XSS) vulnerability in the Quantum PLC’s web context, enabling remote attackers to inject arbitrary web script or HTML via unspecified vectors. The affected component...
Ladder logic
The devices tested by the Basecamp Project included the D20 PLC by GE, The Modicon Quantum by Schneider Electric, Rockwell and Koyo Electronics. Each device was tested using a number of additional attack vectors. Researchers attempted to upload custom firmware or so-called “ladder logic” for the...
Modicon Quantum TFTP Arbitrary File Upload
Binary data scadamodicontftpenabled.nbin...
Modicon Quantum Telnet Server Default Credentials
Binary data scadamodicontelnet.nbin...
Modicon Quantum HTTP Server Default Credentials
Binary data scadamodicondefaultweb.nbin...