VYPR

Bmxnor0200

by Schneider Electric

CVEs (2)

  • CVE-2015-7937Dec 21, 2015
    risk 0.01cvss epss 0.07

    Stack-based buffer overflow in the GoAhead Web Server on Schneider Electric Modicon M340 PLC BMXNOx and BMXPx devices allows remote attackers to execute arbitrary code via a long password in HTTP Basic Authentication data.

  • CVE-2018-7830Nov 30, 2018
    risk 0.00cvss epss 0.02

    Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Response Splitting') vulnerability exists in the embedded web servers in all Modicon M340, Premium, Quantum PLCs and BMXNOR0200 where a denial of service can occur for ~1 minute by sending a specially crafted HTTP…