Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2018-7849 PoC — 多款Schneider Electric产品输入验证错误漏洞

Source
https://github.com/yanissec/CVE-2018-7849
Associated Vulnerability
Title:多款Schneider Electric产品输入验证错误漏洞 (CVE-2018-7849)
Description:A CWE-248: Uncaught Exception vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum and Modicon Premium which could cause a possible Denial of Service due to improper data integrity check when sending files the controller over Modbus.
Description
CVE-2018-7849
Readme
# CVE-2018-7849

### Affected Products

* **Schneider Electric Modicon M580** Version < 2.90

* **Schneider Electric Modicon M340** Version < 3.10

* **Schneider Electric Modicon Premium** All Versions

* **Schneider Electric Modicon Quantum** All Versions

### References

* [https://www.se.com/ww/en/download/document/SEVD-2019-134-11/](https://www.se.com/ww/en/download/document/SEVD-2019-134-11/)

* [https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0737](https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0737)

# Usage

```
python CVE-2018-7849.py --host 192.168.1.123
```
File Snapshot

 [4.0K]  /data/pocs/37de199afc8fc76aa00723cb581fc6df66d73cf2
├── [2.3K]  CVE-2018-7849.py
├── [ 67K]  PLC.apx
└── [ 613]  README.md

0 directories, 3 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →