CVE-2018-7811
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2018-7811
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
An Unverified Password Change vulnerability exists in the embedded web servers in all Modicon M340, Premium, Quantum PLCs and BMXNOR0200 which could allow an unauthenticated remote user to access the change password function of the web server
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
多款Schneider Electric产品安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Schneider Electric Modicon M340等都是法国施耐德电气(Schneider Electric)公司的可编程逻辑控制器产品。 多款Schneider Electric产品中的嵌入式web服务器存在安全漏洞。远程攻击者可借助/unsecure/embedded/builtin端点利用该漏洞在未经身份验证的情况下更改用户密码。以下产品受到影响:Schneider Electric Modicon M340;Premium;Quantum PLCs;BMXNOR0200。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| Schneider Electric SE | Embedded Web Servers in all Modicon M340, Premium, Quantum PLCs and BMXNOR0200 | Embedded Web Servers in all Modicon M340, Premium, Quantum PLCs and BMXNOR0200 | - |
II. Public POCs for CVE-2018-7811
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2018-7811
请登录查看更多情报信息。
- https://www.tenable.com/security/research/tra-2018-38x_refsource_MISC
- https://security.cse.iitk.ac.in/responsible-disclosurex_refsource_MISC
- https://www.schneider-electric.com/en/download/document/SEVD-2018-327-01/x_refsource_CONFIRM
- https://nvd.nist.gov/vuln/detail/CVE-2018-7811
Same Patch Batch · Schneider Electric SE · 2018-11-30 · 7 CVEs total
| CVE-2018-7806 | Schneider Electric StruxureWare Data Center Operation 安全漏洞 | |
| CVE-2018-7807 | Schneider Electric StruxureWare Data Center Expert 安全漏洞 | |
| CVE-2018-7809 | 多款Schneider Electric产品安全漏洞 | |
| CVE-2018-7810 | 多款Schneider Electric产品跨站脚本漏洞 | |
| CVE-2018-7830 | 多款Schneider Electric产品安全漏洞 | |
| CVE-2018-7831 | 多款Schneider Electric产品跨站脚本漏洞 |
IV. Related Vulnerabilities
V. Comments for CVE-2018-7811
No comments yet