Easergy T300 Firmware@2.7 Security Vulnerabilities and Issues — Easergy T300 Firmware@2.7 CVE List

Lucene search

Schneider-electricEasergy T300 Firmware2.7

5 matches found

CVE•added 2020/12/11 1:15 a.m.•59 views

CVE-2020-28215

A CWE-862: Missing Authorization vulnerability exists in Easergy T300 (firmware 2.7 and older), that could cause a wide range of problems, including information exposures, denial of service, and arbitrary code execution when access control checks are not applied consistently.

9.8CVSS9.5AI score0.00988EPSS

CVE•added 2020/11/19 10:15 p.m.•54 views

CVE-2020-7561

A CWE-306: Missing Authentication for Critical Function vulnerability exists in Easergy T300 (with firmware 2.7 and older) that could cause a wide range of problems, including information exposure, denial of service, and command execution when access to a resource from an attacker is not restricted...

9.8CVSS9.3AI score0.01589EPSS

CVE•added 2020/12/11 1:15 a.m.•53 views

CVE-2020-28217

A CWE-311: Missing Encryption of Sensitive Data vulnerability exists in Easergy T300 (firmware 2.7 and older), that would allow an attacker to read network traffic over HTTP protocol.

7.5CVSS7.3AI score0.00062EPSS

CVE•added 2020/12/11 1:15 a.m.•52 views

CVE-2020-28218

A CWE-1021: Improper Restriction of Rendered UI Layers or Frames vulnerability exists in Easergy T300 (firmware 2.7 and older), that would allow an attacker to trick a user into initiating an unintended action.

6.5CVSS6.4AI score0.00159EPSS

CVE•added 2020/12/11 1:15 a.m.•50 views

CVE-2020-28216

A CWE-311: Missing Encryption of Sensitive Data vulnerability exists in Easergy T300 (firmware 2.7 and older), that would allow an attacker to read network traffic over HTTP protocol.

7.5CVSS7.3AI score0.00081EPSS