Path Traversal in Schneider Electric Ethernet Modules For M340, Quantum And Premium Plc Ranges

CVE-2014-0754

Directory traversal vulnerability in SchneiderWEB on Schneider Electric Modicon PLC Ethernet modules 140CPU65x Exec before 5.5, 140NOC78x Exec before 1.62, 140NOE77x Exec before 6.2, BMXNOC0401 before 2.05, BMXNOE0100 before 2.9, BMXNOE011…

Vulnerability class: Path Traversal (Directory Traversal)

EPSS: 0.090 (94.6th percentile) — read the EPSS interpretation.

Affected products

Weakness classification (CWE)

Public proof-of-concept exploits

References

Frequently asked questions

What is CVE-2014-0754?
CVE-2014-0754 is a vulnerability in Schneider Electric Ethernet Modules For M340, Quantum And Premium Plc Ranges, classified under Path Traversal. Published 2014-10-03.
Is CVE-2014-0754 known to be exploited?
1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.