VYPR

Proface Gp Pro Ex Pfxexgrpls

by Schneider Electric

CVEs (6)

  • CVE-2015-7921CriApr 6, 2016
    risk 0.59cvss 9.1epss 0.02

    The FTP server in Pro-face GP-Pro EX EX-ED before 4.05.000, PFXEXEDV before 4.05.000, PFXEXEDLS before 4.05.000, and PFXEXGRPLS before 4.05.000 has hardcoded credentials, which makes it easier for remote attackers to bypass authentication by leveraging knowledge of these…

  • CVE-2016-2290HigApr 6, 2016
    risk 0.57cvss 8.8epss 0.02

    Heap-based buffer overflow in Pro-face GP-Pro EX EX-ED before 4.05.000, PFXEXEDV before 4.05.000, PFXEXEDLS before 4.05.000, and PFXEXGRPLS before 4.05.000 allows remote attackers to execute arbitrary code via unspecified vectors.

  • CVE-2017-9961HigSep 26, 2017
    risk 0.51cvss 7.8epss 0.00

    A vulnerability exists in Schneider Electric's Pro-Face GP Pro EX version 4.07.000 that allows an attacker to execute arbitrary code. Malicious code installation requires an access to the computer. By placing a specific DLL/OCX file, an attacker is able to force the process to…

  • CVE-2016-2292MedApr 6, 2016
    risk 0.42cvss 6.5epss 0.02

    Stack-based buffer overflow in Pro-face GP-Pro EX EX-ED before 4.05.000, PFXEXEDV before 4.05.000, PFXEXEDLS before 4.05.000, and PFXEXGRPLS before 4.05.000 allows remote attackers to execute arbitrary code via unspecified vectors.

  • CVE-2016-2291MedApr 6, 2016
    risk 0.42cvss 6.5epss 0.02

    Pro-face GP-Pro EX EX-ED before 4.05.000, PFXEXEDV before 4.05.000, PFXEXEDLS before 4.05.000, and PFXEXGRPLS before 4.05.000 allow remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via unspecified vectors.

  • CVE-2018-7832Dec 24, 2018
    risk 0.00cvss epss 0.02

    An Improper Input Validation vulnerability exists in Pro-Face GP-Pro EX v4.08 and previous versions which could cause the execution arbitrary executable when GP-Pro EX is launched.