CWE-276: Incorrect Default Permissions vulnerability exists that could allow an authenticated user with access to the device’s web interface to perform unauthorized file and firmware uploads when crafting custom web requests.
oryginał ENCVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:HSchneider Electric Sage 1410
HWSchneider-Electricwszystkie wersjeSchneider Electric Sage 1430
HWSchneider-Electricwszystkie wersjeSchneider Electric Sage 1450
HWSchneider-Electricwszystkie wersjeSchneider Electric Sage 2400
HWSchneider-Electricwszystkie wersjeSchneider Electric Sage 3030 Magnum
HWSchneider-Electricwszystkie wersjeSchneider Electric Sage 4400
HWSchneider-Electricwszystkie wersjeSchneider Electric Sage Rtu Firmware
OSSchneider-Electric< c3414-500-s02k5_p9
Powiązane podatności
Out-of-bounds Write umożliwiający Auth Bypass w Schneider Electric Sage RTU
CWE-22: Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’) vulnerability exists th...
CWE-252: Unchecked Return Value vulnerability exists that could cause denial of service of the device when an ...
CWE-120: Buffer Copy without Checking Size of Input (‘Classic Buffer Overflow’) vulnerability exists that coul...
CWE-125: Out-of-bounds Read vulnerability exists that could cause denial of service of the device’s web interf...