Unrated severityNVD Advisory· Published Dec 21, 2015· Updated Jun 17, 2026
CVE-2015-7937
CVE-2015-7937
Description
Stack-based buffer overflow in the GoAhead Web Server on Schneider Electric Modicon M340 PLC BMXNOx and BMXPx devices allows remote attackers to execute arbitrary code via a long password in HTTP Basic Authentication data.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
14- cpe:2.3:h:schneider-electric:bmxnoc0401:-:*:*:*:*:*:*:*
cpe:2.3:h:schneider-electric:bmxnoe0100:-:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:h:schneider-electric:bmxnoe0100:-:*:*:*:*:*:*:*
- cpe:2.3:h:schneider-electric:bmxnoe0100h:-:*:*:*:*:*:*:*
- cpe:2.3:h:schneider-electric:bmxnoe0110:-:*:*:*:*:*:*:*
- cpe:2.3:h:schneider-electric:bmxnoe0110h:-:*:*:*:*:*:*:*
- cpe:2.3:h:schneider-electric:bmxnor0200:-:*:*:*:*:*:*:*
- cpe:2.3:h:schneider-electric:bmxnor0200h:-:*:*:*:*:*:*:*
- cpe:2.3:h:schneider-electric:bmxpra0100:-:*:*:*:*:*:*:*
cpe:2.3:h:schneider-electric:modicon_m340_bmxp342020:-:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:h:schneider-electric:modicon_m340_bmxp342020:-:*:*:*:*:*:*:*
- cpe:2.3:h:schneider-electric:modicon_m340_bmxp342030:-:*:*:*:*:*:*:*
- cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420302:-:*:*:*:*:*:*:*
- cpe:2.3:h:schneider-electric:modicon_m340_bmxp342020h:-:*:*:*:*:*:*:*
- cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420302h:-:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
3- download.schneider-electric.com/filesnvdVendor Advisory
- ics-cert.us-cert.gov/advisories/ICSA-15-351-01nvdThird Party AdvisoryUS Government Resource
- www.securityfocus.com/bid/79622nvd
News mentions
0No linked articles in our index yet.