Tsxp574634m_firmware - Vulncode-DB

Note:

This project will be discontinued after December 13, 2021. [more]

Product:
Tsxp574634m_firmware
(Schneider\-Electric)

Repositories	Unknown: This might be proprietary software.
#Vulnerabilities	11

Date	Id	Summary	Products	Score	Patch	Annotated
2018-04-18	CVE-2018-7241	Hard coded accounts exist in Schneider Electric's Modicon Premium, Modicon Quantum, Modicon M340, and BMXNOR0200 controllers in all versions of the communication modules.	140cpu31110_firmware, 140cpu31110c_firmware, 140cpu43412u_firmware, 140cpu43412uc_firmware, 140cpu65150_firmware, 140cpu65150c_firmware, 140cpu65160_firmware, 140cpu65160c_firmware, 140cpu65160s_firmware, 140cpu65260_firmware, 140cpu65260c_firmware, 140cpu65860_firmware, 140cpu65860c_firmware, Bmxnor0200_firmware, Bmxnor0200h_firmware, Modicon_m340_bmxp341000_firmware, Modicon_m340_bmxp341000h_firmware, Modicon_m340_bmxp342000_firmware, Modicon_m340_bmxp3420102_firmware, Modicon_m340_bmxp3420102cl_firmware, Modicon_m340_bmxp342020_firmware, Modicon_m340_bmxp342020h_firmware, Modicon_m340_bmxp3420302_firmware, Modicon_m340_bmxp3420302cl_firmware, Modicon_m340_bmxp3420302h_firmware, Tsxh5724m_firmware, Tsxh5724mc_firmware, Tsxh5744m_firmware, Tsxh5744mc_firmware, Tsxp57104m_firmware, Tsxp57104mc_firmware, Tsxp57154m_firmware, Tsxp57154mc_firmware, Tsxp571634m_firmware, Tsxp571634mc_firmware, Tsxp57204m_firmware, Tsxp57204mc_firmware, Tsxp57254m_firmware, Tsxp57254mc_firmware, Tsxp572634m_firmware, Tsxp572634mc_firmware, Tsxp57304m_firmware, Tsxp57304mc_firmware, Tsxp57354m_firmware, Tsxp57354mc_firmware, Tsxp573634m_firmware, Tsxp573634mc_firmware, Tsxp57454m_firmware, Tsxp57454mc_firmware, Tsxp574634m_firmware, Tsxp574634mc_firmware, Tsxp57554m_firmware, Tsxp57554mc_firmware, Tsxp575634m_firmware, Tsxp575634mc_firmware, Tsxp576634m_firmware, Tsxp576634mc_firmware	9.8
2018-04-18	CVE-2018-7759	A buffer overflow vulnerability exists in Schneider Electric's Modicon M340, Modicon Premium, Modicon Quantum PLC, BMXNOR0200. The buffer overflow vulnerability is caused by the length of the source string specified (instead of the buffer size) as the number of bytes to be copied.	140cpu31110_firmware, 140cpu31110c_firmware, 140cpu43412u_firmware, 140cpu43412uc_firmware, 140cpu65150_firmware, 140cpu65150c_firmware, 140cpu65160_firmware, 140cpu65160c_firmware, 140cpu65160s_firmware, 140cpu65260_firmware, 140cpu65260c_firmware, 140cpu65860_firmware, 140cpu65860c_firmware, Bmxnor0200_firmware, Bmxnor0200h_firmware, Modicon_m340_bmxp341000_firmware, Modicon_m340_bmxp341000h_firmware, Modicon_m340_bmxp342000_firmware, Modicon_m340_bmxp3420102_firmware, Modicon_m340_bmxp3420102cl_firmware, Modicon_m340_bmxp342020_firmware, Modicon_m340_bmxp342020h_firmware, Modicon_m340_bmxp3420302_firmware, Modicon_m340_bmxp3420302cl_firmware, Modicon_m340_bmxp3420302h_firmware, Tsxh5724m_firmware, Tsxh5724mc_firmware, Tsxh5744m_firmware, Tsxh5744mc_firmware, Tsxp57104m_firmware, Tsxp57104mc_firmware, Tsxp57154m_firmware, Tsxp57154mc_firmware, Tsxp571634m_firmware, Tsxp571634mc_firmware, Tsxp57204m_firmware, Tsxp57204mc_firmware, Tsxp57254m_firmware, Tsxp57254mc_firmware, Tsxp572634m_firmware, Tsxp572634mc_firmware, Tsxp57304m_firmware, Tsxp57304mc_firmware, Tsxp57354m_firmware, Tsxp57354mc_firmware, Tsxp573634m_firmware, Tsxp573634mc_firmware, Tsxp57454m_firmware, Tsxp57454mc_firmware, Tsxp574634m_firmware, Tsxp574634mc_firmware, Tsxp57554m_firmware, Tsxp57554mc_firmware, Tsxp575634m_firmware, Tsxp575634mc_firmware, Tsxp576634m_firmware, Tsxp576634mc_firmware	7.5
2018-04-18	CVE-2018-7760	An authorization bypass vulnerability exists in Schneider Electric's Modicon M340, Modicon Premium, Modicon Quantum PLC, BMXNOR0200. Requests to CGI functions allow malicious users to bypass authorization.	140cpu31110_firmware, 140cpu31110c_firmware, 140cpu43412u_firmware, 140cpu43412uc_firmware, 140cpu65150_firmware, 140cpu65150c_firmware, 140cpu65160_firmware, 140cpu65160c_firmware, 140cpu65160s_firmware, 140cpu65260_firmware, 140cpu65260c_firmware, 140cpu65860_firmware, 140cpu65860c_firmware, Bmxnor0200_firmware, Bmxnor0200h_firmware, Modicon_m340_bmxp341000_firmware, Modicon_m340_bmxp341000h_firmware, Modicon_m340_bmxp342000_firmware, Modicon_m340_bmxp3420102_firmware, Modicon_m340_bmxp3420102cl_firmware, Modicon_m340_bmxp342020_firmware, Modicon_m340_bmxp342020h_firmware, Modicon_m340_bmxp3420302_firmware, Modicon_m340_bmxp3420302cl_firmware, Modicon_m340_bmxp3420302h_firmware, Tsxh5724m_firmware, Tsxh5724mc_firmware, Tsxh5744m_firmware, Tsxh5744mc_firmware, Tsxp57104m_firmware, Tsxp57104mc_firmware, Tsxp57154m_firmware, Tsxp57154mc_firmware, Tsxp571634m_firmware, Tsxp571634mc_firmware, Tsxp57204m_firmware, Tsxp57204mc_firmware, Tsxp57254m_firmware, Tsxp57254mc_firmware, Tsxp572634m_firmware, Tsxp572634mc_firmware, Tsxp57304m_firmware, Tsxp57304mc_firmware, Tsxp57354m_firmware, Tsxp57354mc_firmware, Tsxp573634m_firmware, Tsxp573634mc_firmware, Tsxp57454m_firmware, Tsxp57454mc_firmware, Tsxp574634m_firmware, Tsxp574634mc_firmware, Tsxp57554m_firmware, Tsxp57554mc_firmware, Tsxp575634m_firmware, Tsxp575634mc_firmware, Tsxp576634m_firmware, Tsxp576634mc_firmware	9.8
2018-04-18	CVE-2018-7761	A vulnerability exists in the HTTP request parser in Schneider Electric's Modicon M340, Modicon Premium, Modicon Quantum PLC, BMXNOR0200 which could allow arbitrary code execution.	140cpu31110_firmware, 140cpu31110c_firmware, 140cpu43412u_firmware, 140cpu43412uc_firmware, 140cpu65150_firmware, 140cpu65150c_firmware, 140cpu65160_firmware, 140cpu65160c_firmware, 140cpu65160s_firmware, 140cpu65260_firmware, 140cpu65260c_firmware, 140cpu65860_firmware, 140cpu65860c_firmware, Bmxnor0200_firmware, Bmxnor0200h_firmware, Modicon_m340_bmxp341000_firmware, Modicon_m340_bmxp341000h_firmware, Modicon_m340_bmxp342000_firmware, Modicon_m340_bmxp3420102_firmware, Modicon_m340_bmxp3420102cl_firmware, Modicon_m340_bmxp342020_firmware, Modicon_m340_bmxp342020h_firmware, Modicon_m340_bmxp3420302_firmware, Modicon_m340_bmxp3420302cl_firmware, Modicon_m340_bmxp3420302h_firmware, Tsxh5724m_firmware, Tsxh5724mc_firmware, Tsxh5744m_firmware, Tsxh5744mc_firmware, Tsxp57104m_firmware, Tsxp57104mc_firmware, Tsxp57154m_firmware, Tsxp57154mc_firmware, Tsxp571634m_firmware, Tsxp571634mc_firmware, Tsxp57204m_firmware, Tsxp57204mc_firmware, Tsxp57254m_firmware, Tsxp57254mc_firmware, Tsxp572634m_firmware, Tsxp572634mc_firmware, Tsxp57304m_firmware, Tsxp57304mc_firmware, Tsxp57354m_firmware, Tsxp57354mc_firmware, Tsxp573634m_firmware, Tsxp573634mc_firmware, Tsxp57454m_firmware, Tsxp57454mc_firmware, Tsxp574634m_firmware, Tsxp574634mc_firmware, Tsxp57554m_firmware, Tsxp57554mc_firmware, Tsxp575634m_firmware, Tsxp575634mc_firmware, Tsxp576634m_firmware, Tsxp576634mc_firmware	9.8
2018-04-18	CVE-2018-7762	A vulnerability exists in the web services to process SOAP requests in Schneider Electric's Modicon M340, Modicon Premium, Modicon Quantum PLC, BMXNOR0200 which could allow result in a buffer overflow.	140cpu31110_firmware, 140cpu31110c_firmware, 140cpu43412u_firmware, 140cpu43412uc_firmware, 140cpu65150_firmware, 140cpu65150c_firmware, 140cpu65160_firmware, 140cpu65160c_firmware, 140cpu65160s_firmware, 140cpu65260_firmware, 140cpu65260c_firmware, 140cpu65860_firmware, 140cpu65860c_firmware, Bmxnor0200_firmware, Bmxnor0200h_firmware, Modicon_m340_bmxp341000_firmware, Modicon_m340_bmxp341000h_firmware, Modicon_m340_bmxp342000_firmware, Modicon_m340_bmxp3420102_firmware, Modicon_m340_bmxp3420102cl_firmware, Modicon_m340_bmxp342020_firmware, Modicon_m340_bmxp342020h_firmware, Modicon_m340_bmxp3420302_firmware, Modicon_m340_bmxp3420302cl_firmware, Modicon_m340_bmxp3420302h_firmware, Tsxh5724m_firmware, Tsxh5724mc_firmware, Tsxh5744m_firmware, Tsxh5744mc_firmware, Tsxp57104m_firmware, Tsxp57104mc_firmware, Tsxp57154m_firmware, Tsxp57154mc_firmware, Tsxp571634m_firmware, Tsxp571634mc_firmware, Tsxp57204m_firmware, Tsxp57204mc_firmware, Tsxp57254m_firmware, Tsxp57254mc_firmware, Tsxp572634m_firmware, Tsxp572634mc_firmware, Tsxp57304m_firmware, Tsxp57304mc_firmware, Tsxp57354m_firmware, Tsxp57354mc_firmware, Tsxp573634m_firmware, Tsxp573634mc_firmware, Tsxp57454m_firmware, Tsxp57454mc_firmware, Tsxp574634m_firmware, Tsxp574634mc_firmware, Tsxp57554m_firmware, Tsxp57554mc_firmware, Tsxp575634m_firmware, Tsxp575634mc_firmware, Tsxp576634m_firmware, Tsxp576634mc_firmware	7.5
2014-10-03	CVE-2014-0754	Directory traversal vulnerability in SchneiderWEB on Schneider Electric Modicon PLC Ethernet modules 140CPU65x Exec before 5.5, 140NOC78x Exec before 1.62, 140NOE77x Exec before 6.2, BMXNOC0401 before 2.05, BMXNOE0100 before 2.9, BMXNOE0110x Exec before 6.0, TSXETC101 Exec before 2.04, TSXETY4103x Exec before 5.7, TSXETY5103x Exec before 5.9, TSXP57x ETYPort Exec before 5.7, and TSXP57x Ethernet Copro Exec before 5.5 allows remote attackers to visit arbitrary resources via a crafted HTTP request.	171ccc96020_firmware, 171ccc96020c_firmware, 171ccc96030_firmware, 171ccc96030c_firmware, 171ccc98020_firmware, 171ccc98030_firmware, Modicon_m340_bmxnoc0401_firmware, Modicon_m340_bmxnoe0100_firmware, Modicon_m340_bmxnoe0110_firmware, Modicon_m340_bmxnoe0110h_firmware, Modicon_m340_bmxnor0200h_firmware, Modicon_m340_bmxp342020_firmware, Modicon_m340_bmxp342020h_firmware, Modicon_m340_bmxp3420302_firmware, Modicon_m340_bmxp3420302h_firmware, Modicon_m340_bmxp342030_firmware, Modicon_m340_bmxp342030h_firmware, Modicon_m580_bmxnoc0402_firmware, Stbnic2212_firmware, Stbnip2212_firmware, Tsxetc0101_firmware, Tsxetc100_firmware, Tsxety110ws_firmware, Tsxety110wsc_firmware, Tsxety4103_firmware, Tsxety4103c_firmware, Tsxety5103_firmware, Tsxety5103c_firmware, Tsxetz410_firmware, Tsxetz510_firmware, Tsxntp100_firmware, Tsxp571634m_firmware, Tsxp572634m_firmware, Tsxp573623mc_firmware, Tsxp573634m_firmware, Tsxp574634m_firmware, Tsxp574823am_firmware, Tsxp574823m_firmware, Tsxp574823mc_firmware, Tsxp575634m_firmware, Tsxp576634m_firmware, Tsxwmy100_firmware, Tsxwmy100c_firmware	N/A
2020-01-06	CVE-2019-6856	A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Modicon Quantum, Modicon Premium (see security notification for specific versions) which could cause a Denial of Service when writing specific physical memory blocks using Modbus TCP.	140cpu65150_firmware, 140cpu65160_firmware, 140cpu65160s_firmware, 140cpu65260_firmware, 140cpu65860_firmware, 140cpu67060_firmware, 140cpu67160_firmware, 140cpu67160s_firmware, 140cpu67260_firmware, 140cpu67261_firmware, 140cpu67861_firmware, Modicon_m340_firmware, Modicon_m580_firmware, Tsxh5724m_firmware, Tsxh5744m_firmware, Tsxp57104m_firmware, Tsxp57154m_firmware, Tsxp571634m_firmware, Tsxp57204m_firmware, Tsxp57254m_firmware, Tsxp572634m_firmware, Tsxp57304m_firmware, Tsxp57354m_firmware, Tsxp573634m_firmware, Tsxp57454m_firmware, Tsxp574634m_firmware, Tsxp57554m_firmware, Tsxp575634m_firmware, Tsxp576634m_firmware	7.5
2020-01-06	CVE-2019-6857	A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Modicon Quantum, Modicon Premium (see security notification for specific versions) which could cause a Denial of Service of the controller when reading specific memory blocks using Modbus TCP.	140cpu65150_firmware, 140cpu65160_firmware, 140cpu65160s_firmware, 140cpu65260_firmware, 140cpu65860_firmware, 140cpu67060_firmware, 140cpu67160_firmware, 140cpu67160s_firmware, 140cpu67260_firmware, 140cpu67261_firmware, 140cpu67861_firmware, Modicon_m340_firmware, Modicon_m580_firmware, Tsxh5724m_firmware, Tsxh5744m_firmware, Tsxp57104m_firmware, Tsxp57154m_firmware, Tsxp571634m_firmware, Tsxp57204m_firmware, Tsxp57254m_firmware, Tsxp572634m_firmware, Tsxp57304m_firmware, Tsxp57354m_firmware, Tsxp573634m_firmware, Tsxp57454m_firmware, Tsxp574634m_firmware, Tsxp57554m_firmware, Tsxp575634m_firmware, Tsxp576634m_firmware	7.5
2020-01-06	CVE-2018-7794	A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Modicon Quantum, Modicon Premium (see security notification for specific versions) which could cause a Denial of Service when reading data with invalid index using Modbus TCP.	140cpu65150_firmware, 140cpu65160_firmware, 140cpu65160s_firmware, 140cpu65260_firmware, 140cpu65860_firmware, 140cpu67060_firmware, 140cpu67160_firmware, 140cpu67160s_firmware, 140cpu67260_firmware, 140cpu67261_firmware, 140cpu67861_firmware, Modicon_m340_firmware, Modicon_m580_firmware, Tsxh5724m_firmware, Tsxh5744m_firmware, Tsxp57104m_firmware, Tsxp57154m_firmware, Tsxp571634m_firmware, Tsxp57204m_firmware, Tsxp57254m_firmware, Tsxp572634m_firmware, Tsxp57304m_firmware, Tsxp57354m_firmware, Tsxp573634m_firmware, Tsxp57454m_firmware, Tsxp574634m_firmware, Tsxp57554m_firmware, Tsxp575634m_firmware, Tsxp576634m_firmware	7.5
2020-03-23	CVE-2020-7477	A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Quantum Ethernet Network module 140NOE771x1 (Versions 7.0 and prior), Quantum processors with integrated Ethernet – 140CPU65xxxxx (all Versions), and Premium processors with integrated Ethernet (all Versions), which could cause a Denial of Service when sending a specially crafted command over Modbus.	140cpu65150_firmware, 140cpu65160_firmware, 140cpu65160s_firmware, 140cpu65260_firmware, 140cpu65860_firmware, 140cpu67060_firmware, 140cpu67160_firmware, 140cpu67160s_firmware, 140cpu67260_firmware, 140cpu67261_firmware, 140cpu67861_firmware, 140noe77101_firmware, 140noe77111_firmware, Tsxh5724m_firmware, Tsxh5744m_firmware, Tsxp57104m_firmware, Tsxp57154m_firmware, Tsxp571634m_firmware, Tsxp57204m_firmware, Tsxp57254m_firmware, Tsxp572634m_firmware, Tsxp57304m_firmware, Tsxp573634m_firmware, Tsxp57454m_firmware, Tsxp574634m_firmware, Tsxp57554m_firmware, Tsxp575634m_firmware, Tsxp576634m_firmware	N/A