140noc78000 Firmware Security Vulnerabilities and Issues — 140noc78000 Firmware CVE List

Lucene search

Schneider-electric140noc78000 Firmware

7 matches found

CVE•added 2020/12/11 1:15 a.m.•146 views

CVE-2020-7535

A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal' Vulnerability Type) vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions...

7.5CVSS7.2AI score0.00428EPSS

CVE•added 2020/12/11 1:15 a.m.•68 views

CVE-2020-7549

A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions), that could cause denial of HTTP and FTP s...

5.3CVSS5.3AI score0.00526EPSS

CVE•added 2020/12/11 1:15 a.m.•67 views

CVE-2020-7540

A CWE-306: Missing Authentication for Critical Function vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions), that could cause unauthenticated command executio...

9.8CVSS9.7AI score0.00311EPSS

CVE•added 2020/12/11 1:15 a.m.•66 views

CVE-2020-7541

A CWE-425: Direct Request ('Forced Browsing') vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions), that could cause disclosure of sensitive data when sending ...

5.3CVSS5.2AI score0.00313EPSS

CVE•added 2020/12/01 3:15 p.m.•59 views

CVE-2020-7533

CWE-287: Improper Authentication vulnerability exists which could cause the execution ofcommands on the webserver without authentication when sending specially crafted HTTPrequests.

9.8CVSS9.8AI score0.00235EPSS

CVE•added 2020/12/11 1:15 a.m.•58 views

CVE-2020-7539

A CWE-754 Improper Check for Unusual or Exceptional Conditions vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions), that could cause a denial of service vulne...

7.5CVSS7.4AI score0.00318EPSS

CVE•added 2022/02/04 11:15 p.m.•52 views

CVE-2020-7534

A CWE-352: Cross-Site Request Forgery (CSRF) vulnerability exists on the web server used, that could cause a leak of sensitive data or unauthorized actions on the web server during the time the user is logged in. Affected Products: Modicon M340 CPUs: BMXP34 (All Versions), Modicon Quantum CPUs with...

8.8CVSS8.7AI score0.00178EPSS