2 matches found
Schneider Electric Modicon Premium, Modicon Quantum, Modicon M340, and Modicon BMXNOR0200 Stack-Based Buffer Overflow (CVE-2018-7240)
A vulnerability exists in Schneider Electric's Modicon Quantum in all versions of the communication modules which could allow arbitrary code execution. An FTP command used to upgrade the firmware of the module can be misused to cause a denial of service, or in extreme cases, to load a malicious...
CVE-2017-9970
A remote code execution vulnerability exists in Schneider Electric's StruxureOn Gateway versions 1.1.3 and prior. Uploading a zip which contains carefully crafted metadata allows for the file to be uploaded to any directory on the host machine information which could lead to remote code execution...