Schneider-electric

Bmxnoe0100 Firmware

14 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2024-5056

  • EPSS 0.13%
  • Published 12.06.2024 12:15:10
  • Last modified 21.11.2024 09:46:52

CWE-552: Files or Directories Accessible to External Parties vulnerability exists which may prevent user to update the device firmware and prevent proper behavior of the webserver when specific files or directories are removed from the filesystem.

7.5

CVE-2021-22787

  • EPSS 0.43%
  • Published 11.02.2022 18:15:09
  • Last modified 21.11.2024 05:50:40

A CWE-20: Improper Input Validation vulnerability exists that could cause denial of service of the device when an attacker sends a specially crafted HTTP request to the web server of the device. Affected Product: Modicon M340 CPUs: BMXP34 (Versions p...

7.5

CVE-2021-22788

  • EPSS 1.46%
  • Published 11.02.2022 18:15:09
  • Last modified 21.11.2024 05:50:40

A CWE-787: Out-of-bounds Write vulnerability exists that could cause denial of service when an attacker sends a specially crafted HTTP request to the web server of the device. Affected Product: Modicon M340 CPUs: BMXP34 (Versions prior to V3.40), Mod...

7.5

CVE-2021-22785

  • EPSS 0.32%
  • Published 11.02.2022 18:15:08
  • Last modified 21.11.2024 05:50:39

A CWE-200: Information Exposure vulnerability exists that could cause sensitive information of files located in the web root directory to leak when an attacker sends a HTTP request to the web server of the device. Affected Product: Modicon M340 CPUs:...

7.5

CVE-2020-7535

  • EPSS 0.43%
  • Published 11.12.2020 01:15:12
  • Last modified 21.11.2024 05:37:19

A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal' Vulnerability Type) vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules...

7.8

CVE-2020-7536

  • EPSS 0.48%
  • Published 11.12.2020 01:15:12
  • Last modified 21.11.2024 05:37:20

A CWE-754:Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M340 CPUs (BMXP34* versions prior to V3.30) Modicon M340 Communication Ethernet modules (BMXNOE0100 (H) versions prior to V3.4 BMXNOE0110 (H) versions prio...

7.5

CVE-2020-7539

  • EPSS 0.32%
  • Published 11.12.2020 01:15:12
  • Last modified 21.11.2024 05:37:20

A CWE-754 Improper Check for Unusual or Exceptional Conditions vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected vers...

9.8

CVE-2020-7540

  • EPSS 0.31%
  • Published 11.12.2020 01:15:12
  • Last modified 21.11.2024 05:37:20

A CWE-306: Missing Authentication for Critical Function vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions), ...

5.3

CVE-2020-7541

  • EPSS 0.31%
  • Published 11.12.2020 01:15:12
  • Last modified 21.11.2024 05:37:20

A CWE-425: Direct Request ('Forced Browsing') vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions), that could...

5.3

CVE-2020-7549

  • EPSS 0.53%
  • Published 11.12.2020 01:15:12
  • Last modified 21.11.2024 05:37:21

A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected ver...