CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
Confidence
Low
EPSS
Percentile
79.3%
Directory traversal vulnerability in SchneiderWEB on Schneider Electric Modicon PLC Ethernet modules 140CPU65x Exec before 5.5, 140NOC78x Exec before 1.62, 140NOE77x Exec before 6.2, BMXNOC0401 before 2.05, BMXNOE0100 before 2.9, BMXNOE0110x Exec before 6.0, TSXETC101 Exec before 2.04, TSXETY4103x Exec before 5.7, TSXETY5103x Exec before 5.9, TSXP57x ETYPort Exec before 5.7, and TSXP57x Ethernet Copro Exec before 5.5 allows remote attackers to visit arbitrary resources via a crafted HTTP request.
Vendor | Product | Version | CPE |
---|---|---|---|
schneider-electric | stbnic2212_firmware | - | cpe:2.3:o:schneider-electric:stbnic2212_firmware:-:*:*:*:*:*:*:* |
schneider-electric | stbnic2212 | - | cpe:2.3:h:schneider-electric:stbnic2212:-:*:*:*:*:*:*:* |
schneider-electric | stbnip2212_firmware | - | cpe:2.3:o:schneider-electric:stbnip2212_firmware:-:*:*:*:*:*:*:* |
schneider-electric | stbnip2212 | - | cpe:2.3:h:schneider-electric:stbnip2212:-:*:*:*:*:*:*:* |
schneider-electric | tsxetc0101_firmware | - | cpe:2.3:o:schneider-electric:tsxetc0101_firmware:-:*:*:*:*:*:*:* |
schneider-electric | tsxetc0101 | - | cpe:2.3:h:schneider-electric:tsxetc0101:-:*:*:*:*:*:*:* |
schneider-electric | tsxetc100_firmware | - | cpe:2.3:o:schneider-electric:tsxetc100_firmware:-:*:*:*:*:*:*:* |
schneider-electric | tsxetc100 | - | cpe:2.3:h:schneider-electric:tsxetc100:-:*:*:*:*:*:*:* |
schneider-electric | tsxp573623mc_firmware | - | cpe:2.3:o:schneider-electric:tsxp573623mc_firmware:-:*:*:*:*:*:*:* |
schneider-electric | tsxp573623mc | - | cpe:2.3:h:schneider-electric:tsxp573623mc:-:*:*:*:*:*:*:* |