CVE-2018-7814 – Schneider Electric GUIcon GD1 File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2018-7814
A Stack-based Buffer Overflow (CWE-121) vulnerability exists in Eurotherm by Schneider Electric GUIcon V2.0 (Gold Build 683.0) which could cause remote code to be executed when parsing a GD1 file.
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Schneider Electric GUIcon. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within parsing of a GD1 file. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the process.
• http://www.securityfocus.com/bid/106218
• https://www.schneider-electric.com/ww/en/download/document/SEVD-2018-338-01
• CWE-787: Out-of-bounds Write
CVE-2018-7815 – Schneider Electric GUIcon GD1 File Parsing Type Confusion Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2018-7815
A Type Confusion (CWE-843) vulnerability exists in Eurotherm by Schneider Electric GUIcon V2.0 (Gold Build 683.0) on c3core.dll which could cause remote code to be executed when parsing a GD1 file.
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Schneider Electric GUIcon. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within parsing of a GD1 file. The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. An attacker can leverage this vulnerability to execute code in the context of the process.
• http://www.securityfocus.com/bid/106218
• https://www.schneider-electric.com/ww/en/download/document/SEVD-2018-338-01
• CWE-704: Incorrect Type Conversion or Cast
CVE-2018-7830
https://notcve.org/view.php?id=CVE-2018-7830
An Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Response Splitting') vulnerability exists in the embedded web servers in all Modicon M340, Premium, Quantum PLCs and BMXNOR0200 where a denial of service can occur for ~1 minute by sending a specially crafted HTTP request.
• https://www.schneider-electric.com/en/download/document/SEVD-2018-327-01
• https://www.tenable.com/security/research/tra-2018-38
• CWE-113: Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting')
CVE-2018-7810
https://notcve.org/view.php?id=CVE-2018-7810
An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability exists in the embedded web servers in all Modicon M340, Premium, Quantum PLCs and BMXNOR0200 allowing an attacker to craft a URL containing JavaScript that will be executed within the user's browser, potentially impacting the machine the browser is running on.
• https://www.schneider-electric.com/en/download/document/SEVD-2018-327-01
• https://www.tenable.com/security/research/tra-2018-38
• CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2018-7811
https://notcve.org/view.php?id=CVE-2018-7811
An Unverified Password Change vulnerability exists in the embedded web servers in all Modicon M340, Premium, Quantum PLCs and BMXNOR0200 which could allow an unauthenticated remote user to access the change password function of the web server.
• https://security.cse.iitk.ac.in/responsible-disclosure
• https://www.schneider-electric.com/en/download/document/SEVD-2018-327-01
• https://www.tenable.com/security/research/tra-2018-38
• CWE-640: Weak Password Recovery Mechanism for Forgotten Password