CVSS: 6.2EPSS: 0%CPEs: 1EXPL: 0CVE-2018-7839 – Schneider Electric IIoT Monitor Hard-coded Cryptographic Key Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2018-7839
A Cryptographic Issue (CWE-310) vulnerability exists in IIoT Monitor 3.1.38 which could allow information disclosure. Existe una vulnerabilidad de problema criptográfico (CWE-310) en IIoT Monitor 3.1.38 que podría permitir la divulgación de información. This vulnerability allows the decryption of the administrator password on vulnerable installations of Schneider Electric IIoT Monitor. Authentication is not required to exploit this vulnerability. The specific flaw exists within encryption of the administrator password in the AESEncryption class. A hard-coded cryptographic key is used which can allow the reversal of the encryption process. • https://ics-cert.us-cert.gov/advisories/ICSA-19-008-02 https://www.schneider-electric.com/en/download/document/SEVD-2018-354-03 • CWE-310: Cryptographic Issues •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2018-7836 – Schneider Electric IIoT Monitor UpgradeMgmt upload Directory Traversal Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2018-7836
An unrestricted Upload of File with Dangerous Type vulnerability exists on numerous methods of the IIoT Monitor 3.1.38 software that could allow upload and execution of malicious files. Existe una vulnerabilidad de subida sin restricción de archivos con tipos peligrosos en numerosos métodos del software de IIoT Monitor 3.1.38 que podría permitir la subida y ejecución de archivos maliciosos. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Schneider Electric IIoT Monitor. Authentication is required to exploit this vulnerability but authentication can be easily bypassed. The specific flaw exists within the processing of the upload method of the UpgradeMgmt servlet, which listens on port 8080 by default. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. • http://www.securityfocus.com/bid/106484 https://www.schneider-electric.com/en/download/document/SEVD-2018-354-03 • CWE-434: Unrestricted Upload of File with Dangerous Type •