CVE-2018-7761 — Vulnetix

Try Vulnetix Request Demo

CVE-2018-7761 PUBLISHED CVSS 7.5 HIGH

A vulnerability exists in the HTTP request parser in Schneider Electric's Modicon M340, Modicon Premium, Modicon Quantum PLC, BMXNOR0200 which could allow arbitrary code execution.

EPSS 0.55% · 67.7th percentile

Risk Scores

CVSS v2.0

7.5

EPSS Score

0.55%

67.7th percentile

Affected Products

Vendor	Product	Versions
schneider-electric	modicon_m340_bmxp342000_firmware
schneider-electric	140cpu65160s_firmware
schneider-electric	tsxp572634m_firmware
schneider-electric	tsxp57254m_firmware
schneider-electric	tsxp575634mc_firmware
schneider-electric	modicon_m340_bmxp3420302cl_firmware
schneider-electric	modicon_m340_bmxp342020h_firmware
schneider-electric	bmxnor0200_firmware
schneider-electric	140cpu65160_firmware
schneider-electric	modicon_m340_bmxp341000_firmware
schneider-electric	140cpu65150_firmware
schneider-electric	tsxp573634mc_firmware
schneider-electric	tsxp57254mc_firmware
schneider-electric	tsxp57104mc_firmware
schneider-electric	140cpu65860c_firmware
schneider-electric	modicon_m340_bmxp341000h_firmware
schneider-electric	tsxp57554m_firmware
schneider-electric	tsxp57204m_firmware
schneider-electric	tsxp57304mc_firmware
schneider-electric	140cpu31110_firmware

…and 38 more

Timeline

Mar 23, 2018 CVE Published
Apr 14, 2021 EPSS Score
Jun 22, 2021 EPSS Score
Aug 23, 2021 EPSS Score
Oct 24, 2021 EPSS Score
Dec 25, 2021 EPSS Score
Apr 28, 2022 EPSS Score
Jun 29, 2022 EPSS Score
Aug 31, 2022 EPSS Score
Nov 1, 2022 EPSS Score
Jan 2, 2023 EPSS Score
Mar 5, 2023 EPSS Score

References

Open in Interactive Console →