Buffer overflow in Schneider-electric Bmxnoc0401

CVE-2015-7937

Stack-based buffer overflow in the GoAhead Web Server on Schneider Electric Modicon M340 PLC BMXNOx and BMXPx devices allows remote attackers to execute arbitrary code via a long password in HTTP Basic Authentication data.

Vulnerability class: Buffer Overflow

EPSS: 0.074 (93.6th percentile) — read the EPSS interpretation.

Affected products

Weakness classification (CWE)

References