VDB

CNVD-2018-25427

CNVD-2018-25427 PUBLISHED

Schneider Electric Modicon M340等都是法国施耐德电气(Schneider Electric)公司的可编程逻辑控制器产品。 多款Schneider Electric产品中的嵌入式web服务器存在跨站脚本漏洞,远程攻击者可借助特制的URL利用该漏洞在Web服务器上修改密码。

Affected Products

VendorProductVersions
Schneider Electric BMXNOR0200
Schneider Electric Premium
Schneider Electric Modicon M340
Schneider Electric Quantum PLCs

Timeline

  • Nov 29, 2018 CVE ID Reserved
  • Dec 14, 2018 CVE Published

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›