Schneider Electric Quantum 140NOE771 Network Interface Module Fwupgrade Password Weakness

Binary data 720235.prm...

D-Link DIR-636L Remote Command Injection and Authentication Bypass (CVE-2015-1187)

Remote command injection and authentication bypass vulnerabilities exist in D-Link routers. The vulnerabilities are due to incorrectly filtering input on the 'ping' and 'fwupgrade' tools which allows to inject arbitrary commands into the router and file upload without authentication. A remote...

CVE-2011-4860

The ComputePassword function in the Schneider Electric Quantum Ethernet Module on the NOE 771 device aka the Quantum 140NOE771 module generates the password for the fwupgrade account by performing a calculation on the MAC address, which makes it easier for remote attackers to obtain access via a ...

CVE-2011-4860

The ComputePassword function in the Schneider Electric Quantum Ethernet Module on the NOE 771 device aka the Quantum 140NOE771 module generates the password for the fwupgrade account by performing a calculation on the MAC address, which makes it easier for remote attackers to obtain access via a ...

CVE-2011-4860

The vulnerability CVE-2011-4860 affects the Schneider Electric Quantum Ethernet Module NOE 771 (aka Quantum 140NOE771*) where the ComputePassword function derives the fwupgrade password from the MAC address. This allows remote attackers to gain access via (1) ARP requests or (2) Neighbor Solicita...