VYPR

Modicon Controllers

by Schneider Electric

CVEs (3)

  • CVE-2025-13902Mar 10, 2026
    risk 0.00cvss epss 0.00

    CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability exists that could cause condition where authenticated attackers can have a victim’s browser run arbitrary JavaScript when the victim hovers over a maliciously crafted…

  • CVE-2024-6528Jul 11, 2024
    risk 0.00cvss epss 0.00

    CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability exists that could cause a vulnerability leading to a cross-site scripting condition where attackers can have a victim’s browser run arbitrary JavaScript when they visit a…

  • CVE-2019-6859Apr 22, 2020
    risk 0.00cvss epss 0.01

    A CWE-798: Use of Hardcoded Credentials vulnerability exists in Modicon Controllers (All versions of the following CPUs and Communication Module product references listed in the Security Notifications), which could cause the disclosure of FTP hardcoded credentials when using the…