Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Schneider-electric Subscribe
Filtered by product Bmxnoe0100

CVSS v3 Filter

ALL
NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 4 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-7541 1 Schneider-electric 40 140cpu65150, 140cpu65150 Firmware, 140noc77101 and 37 more 2020-12-14 5.0 MEDIUM 5.3 MEDIUM
A CWE-425: Direct Request ('Forced Browsing') vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions), that could cause disclosure of sensitive data when sending a specially crafted request to the controller over HTTP.
CVE-2020-7549 1 Schneider-electric 38 140cpu65150, 140cpu65150 Firmware, 140noc78000 and 35 more 2020-12-14 5.0 MEDIUM 5.3 MEDIUM
A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions), that could cause denial of HTTP and FTP services when a series of specially crafted requests is sent to the controller over HTTP.
CVE-2015-6461 1 Schneider-electric 22 Bmxnoc0401, Bmxnoc0401 Firmware, Bmxnoe0100 and 19 more 2019-10-09 5.5 MEDIUM 5.4 MEDIUM
Remote file inclusion allows an attacker to craft a specific URL referencing the Schneider Electric Modicon BMXNOC0401, BMXNOE0100, BMXNOE0110, BMXNOE0110H, BMXNOR0200H, BMXP342020, BMXP342020H, BMXP342030, BMXP3420302, BMXP3420302H, or BMXP342030H PLC web server, which, when launched, will result in the browser redirecting to a remote file via a Java script loaded with the web page.
CVE-2015-6462 1 Schneider-electric 22 Bmxnoc0401, Bmxnoc0401 Firmware, Bmxnoe0100 and 19 more 2019-10-09 3.5 LOW 5.4 MEDIUM
Reflected Cross-Site Scripting (nonpersistent) allows an attacker to craft a specific URL, which contains Java script that will be executed on the Schneider Electric Modicon BMXNOC0401, BMXNOE0100, BMXNOE0110, BMXNOE0110H, BMXNOR0200H, BMXP342020, BMXP342020H, BMXP342030, BMXP3420302, BMXP3420302H, or BMXP342030H PLC client browser.