Unrated severityNVD Advisory· Published Jun 12, 2024· Updated Aug 2, 2024
CVE-2024-37037
CVE-2024-37037
Description
CWE-22: Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’) vulnerability exists that could allow an authenticated user with access to the device’s web interface to corrupt files and impact device functionality when sending a crafted HTTP request.
Affected products
6- Range: Versions C3414-500-S02K5_P8 and prior
- Schneider Electric/Sage 1430v5Range: Versions C3414-500-S02K5_P8 and prior
- Schneider Electric/Sage 1450v5Range: Versions C3414-500-S02K5_P8 and prior
- Schneider Electric/Sage 2400v5Range: Versions C3414-500-S02K5_P8 and prior
- Schneider Electric/Sage 3030 Magnumv5Range: Versions C3414-500-S02K5_P8 and prior
- Schneider Electric/Sage 4400v5Range: Versions C3414-500-S02K5_P8 and prior
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.