2 matches found
Schneider Electric Modicon Weak Password Recovery Mechanism for Forgotten Password (CVE-2018-7809)
An Unverified Password Change vulnerability exists in the embedded web servers in all Modicon M340, Premium, Quantum PLCs and BMXNOR0200 which could allow an unauthenticated remote user to access the password delete function of the web server. This plugin only works with Tenable.ot. Please visit...
CVE-2018-7809
The CVE-2018-7809 issue affects Schneider Electric Modicon embedded Web servers in M340, Premium, Quantum PLCs and BMXNOR0200. The root cause is an Unverified Password Change vulnerability that allows an unauthenticated remote attacker to access the password delete function via the web server. Im...