CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2024-11737
https://notcve.org/view.php?id=CVE-2024-11737
11 Dec 2024 — CWE-20: Improper Input Validation vulnerability exists that could lead to a denial of service and a loss of confidentiality, integrity of the controller when an unauthenticated crafted Modbus packet is sent to the device. CWE-20: Improper Input Validation vulnerability exists that could lead to a denial of service and a loss of confidentiality, integrity of the controller when an unauthenticated crafted Modbus packet is sent to the device. • https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2024-345-03&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2024-345-03.pdf • CWE-20: Improper Input Validation •
CVSS: 6.4EPSS: 0%CPEs: 3EXPL: 0CVE-2024-6528
https://notcve.org/view.php?id=CVE-2024-6528
11 Jul 2024 — CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability exists that could cause a vulnerability leading to a cross-site scripting condition where attackers can have a victim’s browser run arbitrary JavaScript when they visit a page containing the injected payload. CWE-79: Existe una vulnerabilidad de neutralización incorrecta de la entrada durante la generación de páginas web ("Cross-site Scripting") que podría causar una vulnerabilidad que conduzca a una c... • https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2024-191-04&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2024-191-04.pdf • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.2EPSS: 0%CPEs: 24EXPL: 0CVE-2019-6820
https://notcve.org/view.php?id=CVE-2019-6820
22 May 2019 — A CWE-306: Missing Authentication for Critical Function vulnerability exists which could cause a modification of device IP configuration (IP address, network mask and gateway IP address) when a specific Ethernet frame is received in all versions of: Modicon M100, Modicon M200, Modicon M221, ATV IMC drive controller, Modicon M241, Modicon M251, Modicon M258, Modicon LMC058, Modicon LMC078, PacDrive Eco ,PacDrive Pro, PacDrive Pro2 Una CWE-306: Una vulnerabilidad de Falta de Autenticación para Funciones Criti... • https://www.schneider-electric.com/en/download/document/SEVD-2019-134-02 • CWE-306: Missing Authentication for Critical Function •