Schneider-electric 140noc78000_firmware
7 CVEs affecting Schneider-electric 140noc78000_firmware. Latest disclosed: 2022-02-04. Critical: 2, High: 3.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2020-7540 | Critical | 9.8 | 2020-12-11 | A CWE-306: Missing Authentication for Critical Function vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premi… |
CVE-2020-7533 | Critical | 9.8 | 2020-12-01 | CWE-287: Improper Authentication vulnerability exists which could cause the execution of commands on the webserver without authentication when sending speciall… |
CVE-2020-7534 | High | 8.8 | 2022-02-04 | A CWE-352: Cross-Site Request Forgery (CSRF) vulnerability exists on the web server used, that could cause a leak of sensitive data or unauthorized actions on… |
CVE-2020-7539 | High | 7.5 | 2020-12-11 | A CWE-754 Improper Check for Unusual or Exceptional Conditions vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modico… |
CVE-2020-7535 | High | 7.5 | 2020-12-11 | A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal' Vulnerability Type) vulnerability exists in the Web Server on Modicon M… |
CVE-2020-7549 | Medium | 5.3 | 2020-12-11 | A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modic… |
CVE-2020-7541 | Medium | 5.3 | 2020-12-11 | A CWE-425: Direct Request ('Forced Browsing') vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and ass… |