Schneider-electric 140cpu65150_firmware

20 CVEs affecting Schneider-electric 140cpu65150_firmware. Latest disclosed: 2022-02-11. Critical: 5, High: 13.

Top CVEs affecting Schneider-electric 140cpu65150_firmware
CVESeverityScorePublishedSummary
CVE-2020-7540Critical9.82020-12-11A CWE-306: Missing Authentication for Critical Function vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premi…
CVE-2018-7761Critical9.82018-04-18A vulnerability exists in the HTTP request parser in Schneider Electric's Modicon M340, Modicon Premium, Modicon Quantum PLC, BMXNOR0200 which could allow arbi…
CVE-2018-7760Critical9.82018-04-18An authorization bypass vulnerability exists in Schneider Electric's Modicon M340, Modicon Premium, Modicon Quantum PLC, BMXNOR0200. Requests to CGI functions…
CVE-2018-7242Critical9.82018-04-18Vulnerable hash algorithms exists in Schneider Electric's Modicon Premium, Modicon Quantum, Modicon M340, and BMXNOR0200 controllers in all versions of the com…
CVE-2018-7241Critical9.82018-04-18Hard coded accounts exist in Schneider Electric's Modicon Premium, Modicon Quantum, Modicon M340, and BMXNOR0200 controllers in all versions of the communicati…
CVE-2018-7240High8.82018-04-18A vulnerability exists in Schneider Electric's Modicon Quantum in all versions of the communication modules which could allow arbitrary code execution. An FTP…
CVE-2021-22788High7.52022-02-11A CWE-787: Out-of-bounds Write vulnerability exists that could cause denial of service when an attacker sends a specially crafted HTTP request to the web serve…
CVE-2021-22787High7.52022-02-11A CWE-20: Improper Input Validation vulnerability exists that could cause denial of service of the device when an attacker sends a specially crafted HTTP reque…
CVE-2021-22785High7.52022-02-11A CWE-200: Information Exposure vulnerability exists that could cause sensitive information of files located in the web root directory to leak when an attacker…
CVE-2020-7542High7.52020-12-11A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Legacy Controllers Modicon Quantum & Modico…
CVE-2020-7539High7.52020-12-11A CWE-754 Improper Check for Unusual or Exceptional Conditions vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modico…
CVE-2020-7535High7.52020-12-11A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal' Vulnerability Type) vulnerability exists in the Web Server on Modicon M…
CVE-2020-7477High7.52020-03-23A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Quantum Ethernet Network module 140NOE771x1 (Versions 7.0 and prior), Q…
CVE-2019-6857High7.52020-01-06A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Modicon Quantum, Modicon Premium (see secur…
CVE-2019-6856High7.52020-01-06A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Modicon Quantum, Modicon Premium (see secur…
CVE-2018-7794High7.52020-01-06A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Modicon Quantum, Modicon Premium (see secur…
CVE-2018-7762High7.52018-04-18A vulnerability exists in the web services to process SOAP requests in Schneider Electric's Modicon M340, Modicon Premium, Modicon Quantum PLC, BMXNOR0200 whic…
CVE-2018-7759High7.52018-04-18A buffer overflow vulnerability exists in Schneider Electric's Modicon M340, Modicon Premium, Modicon Quantum PLC, BMXNOR0200. The buffer overflow vulnerabilit…
CVE-2020-7549Medium5.32020-12-11A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modic…
CVE-2020-7541Medium5.32020-12-11A CWE-425: Direct Request ('Forced Browsing') vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and ass…