Schneider-electric Bmxnor0200h
15 CVEs affecting Schneider-electric Bmxnor0200h. Latest disclosed: 2022-02-04. Critical: 4, High: 8.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2018-7761 | Critical | 9.8 | 2018-04-18 | A vulnerability exists in the HTTP request parser in Schneider Electric's Modicon M340, Modicon Premium, Modicon Quantum PLC, BMXNOR0200 which could allow arbi… |
CVE-2018-7760 | Critical | 9.8 | 2018-04-18 | An authorization bypass vulnerability exists in Schneider Electric's Modicon M340, Modicon Premium, Modicon Quantum PLC, BMXNOR0200. Requests to CGI functions… |
CVE-2018-7242 | Critical | 9.8 | 2018-04-18 | Vulnerable hash algorithms exists in Schneider Electric's Modicon Premium, Modicon Quantum, Modicon M340, and BMXNOR0200 controllers in all versions of the com… |
CVE-2018-7241 | Critical | 9.8 | 2018-04-18 | Hard coded accounts exist in Schneider Electric's Modicon Premium, Modicon Quantum, Modicon M340, and BMXNOR0200 controllers in all versions of the communicati… |
CVE-2020-7534 | High | 8.8 | 2022-02-04 | A CWE-352: Cross-Site Request Forgery (CSRF) vulnerability exists on the web server used, that could cause a leak of sensitive data or unauthorized actions on… |
CVE-2019-6810 | High | 8.8 | 2019-09-17 | CWE-284: Improper Access Control vulnerability exists in BMXNOR0200H Ethernet / Serial RTU module (all firmware versions), which could cause the execution of c… |
CVE-2019-6831 | High | 8.6 | 2019-09-17 | A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in BMXNOR0200H Ethernet / Serial RTU module (all firmware versions), which… |
CVE-2020-7536 | High | 7.5 | 2020-12-11 | A CWE-754:Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M340 CPUs (BMXP34* versions prior to V3.30) Modicon M340 Communi… |
CVE-2019-6813 | High | 7.5 | 2019-09-17 | A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in BMXNOR0200H Ethernet / Serial RTU module (all firmware versions) and Mo… |
CVE-2018-7762 | High | 7.5 | 2018-04-18 | A vulnerability exists in the web services to process SOAP requests in Schneider Electric's Modicon M340, Modicon Premium, Modicon Quantum PLC, BMXNOR0200 whic… |
CVE-2018-7759 | High | 7.5 | 2018-04-18 | A buffer overflow vulnerability exists in Schneider Electric's Modicon M340, Modicon Premium, Modicon Quantum PLC, BMXNOR0200. The buffer overflow vulnerabilit… |
CVE-2017-6017 | High | 7.5 | 2017-06-30 | A Resource Exhaustion issue was discovered in Schneider Electric Modicon M340 PLC BMXNOC0401, BMXNOE0100, BMXNOE0110, BMXNOE0110H, BMXNOR0200H, BMXP341000, BMX… |
CVE-2015-6462 | Medium | 5.4 | 2019-03-21 | Reflected Cross-Site Scripting (nonpersistent) allows an attacker to craft a specific URL, which contains Java script that will be executed on the Schneider El… |
CVE-2015-6461 | Medium | 5.4 | 2019-03-21 | Remote file inclusion allows an attacker to craft a specific URL referencing the Schneider Electric Modicon BMXNOC0401, BMXNOE0100, BMXNOE0110, BMXNOE0110H, BM… |
CVE-2015-7937 | | 2015-12-21 | Stack-based buffer overflow in the GoAhead Web Server on Schneider Electric Modicon M340 PLC BMXNOx and BMXPx devices allows remote attackers to execute arbitr… |