CVE-2014-0754CVE-2014-0754

Affected configuration(s):

cpe:/h:chneider-electric:modicon_plc_ethernet_module:bmxnor0200h
cpe:/h:schneider-electric:modicon_plc_ethernet_module:140cpu65150
cpe:/h:schneider-electric:modicon_plc_ethernet_module:140cpu65160
cpe:/h:schneider-electric:modicon_plc_ethernet_module:140cpu65260
cpe:/h:schneider-electric:modicon_plc_ethernet_module:140noc77100
cpe:/h:schneider-electric:modicon_plc_ethernet_module:140noc78000
cpe:/h:schneider-electric:modicon_plc_ethernet_module:140noe77100
cpe:/h:schneider-electric:modicon_plc_ethernet_module:140noe77101
cpe:/h:schneider-electric:modicon_plc_ethernet_module:140noe77101c
cpe:/h:schneider-electric:modicon_plc_ethernet_module:140noe77110
cpe:/h:schneider-electric:modicon_plc_ethernet_module:140noe77111
cpe:/h:schneider-electric:modicon_plc_ethernet_module:140noe77111c
cpe:/h:schneider-electric:modicon_plc_ethernet_module:140nwm10000
cpe:/h:schneider-electric:modicon_plc_ethernet_module:170ent11001
cpe:/h:schneider-electric:modicon_plc_ethernet_module:170ent11002
cpe:/h:schneider-electric:modicon_plc_ethernet_module:170ent11002c
cpe:/h:schneider-electric:modicon_plc_ethernet_module:171ccc96020
cpe:/h:schneider-electric:modicon_plc_ethernet_module:171ccc96020c
cpe:/h:schneider-electric:modicon_plc_ethernet_module:171ccc96030
cpe:/h:schneider-electric:modicon_plc_ethernet_module:171ccc96030c
cpe:/h:schneider-electric:modicon_plc_ethernet_module:171ccc98020
cpe:/h:schneider-electric:modicon_plc_ethernet_module:171ccc98030
cpe:/h:schneider-electric:modicon_plc_ethernet_module:bmxnoc0401
cpe:/h:schneider-electric:modicon_plc_ethernet_module:bmxnoc0402
cpe:/h:schneider-electric:modicon_plc_ethernet_module:bmxnoe0100
cpe:/h:schneider-electric:modicon_plc_ethernet_module:bmxnoe0110
cpe:/h:schneider-electric:modicon_plc_ethernet_module:bmxnoe0110h
cpe:/h:schneider-electric:modicon_plc_ethernet_module:bmxp342020
cpe:/h:schneider-electric:modicon_plc_ethernet_module:bmxp342020h
cpe:/h:schneider-electric:modicon_plc_ethernet_module:bmxp342030
cpe:/h:schneider-electric:modicon_plc_ethernet_module:bmxp342030h
cpe:/h:schneider-electric:modicon_plc_ethernet_module:bmxp3420302
cpe:/h:schneider-electric:modicon_plc_ethernet_module:bmxp3420302h
cpe:/h:schneider-electric:modicon_plc_ethernet_module:bmxprmxxxx
cpe:/h:schneider-electric:modicon_plc_ethernet_module:stbnic2212
cpe:/h:schneider-electric:modicon_plc_ethernet_module:stbnip2212
cpe:/h:schneider-electric:modicon_plc_ethernet_module:tsxetc100
cpe:/h:schneider-electric:modicon_plc_ethernet_module:tsxetc0101
cpe:/h:schneider-electric:modicon_plc_ethernet_module:tsxety110ws
cpe:/h:schneider-electric:modicon_plc_ethernet_module:tsxety110wsc
cpe:/h:schneider-electric:modicon_plc_ethernet_module:tsxety4103
cpe:/h:schneider-electric:modicon_plc_ethernet_module:tsxety4103c
cpe:/h:schneider-electric:modicon_plc_ethernet_module:tsxety5103
cpe:/h:schneider-electric:modicon_plc_ethernet_module:tsxety5103c
cpe:/h:schneider-electric:modicon_plc_ethernet_module:tsxetz410
cpe:/h:schneider-electric:modicon_plc_ethernet_module:tsxetz510
cpe:/h:schneider-electric:modicon_plc_ethernet_module:tsxntp100
cpe:/h:schneider-electric:modicon_plc_ethernet_module:tsxp571634m
cpe:/h:schneider-electric:modicon_plc_ethernet_module:tsxp572623m
cpe:/h:schneider-electric:modicon_plc_ethernet_module:tsxp572623mc
cpe:/h:schneider-electric:modicon_plc_ethernet_module:tsxp572823m
cpe:/h:schneider-electric:modicon_plc_ethernet_module:tsxp572823mc
cpe:/h:schneider-electric:modicon_plc_ethernet_module:tsxp573623am
cpe:/h:schneider-electric:modicon_plc_ethernet_module:tsxp573623m
cpe:/h:schneider-electric:modicon_plc_ethernet_module:tsxp573623mc
cpe:/h:schneider-electric:modicon_plc_ethernet_module:tsxp573634m
cpe:/h:schneider-electric:modicon_plc_ethernet_module:tsxp574634m
cpe:/h:schneider-electric:modicon_plc_ethernet_module:tsxp574823am
cpe:/h:schneider-electric:modicon_plc_ethernet_module:tsxp574823m
cpe:/h:schneider-electric:modicon_plc_ethernet_module:tsxp574823mc
cpe:/h:schneider-electric:modicon_plc_ethernet_module:tsxp575634m
cpe:/h:schneider-electric:modicon_plc_ethernet_module:tsxp576634m
cpe:/h:schneider-electric:modicon_plc_ethernet_module:tsxwmy100
cpe:/h:schneider-electric:modicon_plc_ethernet_module:tsxwmy100c

Date published: 2014-10-03T14:55:06.017-04:00

Date last modified: 2016-04-04T13:38:22.347-04:00

CVSS Score: 10.0

Principal attack vector: NETWORK

Complexity:  LOW

Reference URL: http://download.schneider-electric.com/files?p_Reference=SEVD-2014-260-01&p_EnDocType=Software%20-%20Updates&p_File_Id=608959359&p_File_Name=SEVD-2014-260-01.pdf

Summary: Directory traversal vulnerability in SchneiderWEB on Schneider Electric Modicon PLC Ethernet modules 140CPU65x Exec before 5.5, 140NOC78x Exec before 1.62, 140NOE77x Exec before 6.2, BMXNOC0401 before 2.05, BMXNOE0100 before 2.9, BMXNOE0110x Exec before 6.0, TSXETC101 Exec before 2.04, TSXETY4103x Exec before 5.7, TSXETY5103x Exec before 5.9, TSXP57x ETYPort Exec before 5.7, and TSXP57x Ethernet Copro Exec before 5.5 allows remote attackers to visit arbitrary resources via a crafted HTTP request.

CategoriesUncategorised

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.