VAR-201804-1337
Vulnerability from variot - Updated: 2024-11-23 21:39A vulnerability exists in the HTTP request parser in Schneider Electric's Modicon M340, Modicon Premium, Modicon Quantum PLC, BMXNOR0200 which could allow arbitrary code execution. plural Schneider Electric The product contains an input validation vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Schneider Electric Modicon M340 and others are programmable logic controller products from Schneider Electric, France. The HTTP request parser is one of the HTTP request parsers. A remote attacker can exploit this vulnerability to execute arbitrary code
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201804-1337",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "140cpu65860",
"scope": "eq",
"trust": 1.6,
"vendor": "schneider electric",
"version": null
},
{
"model": "140cpu31110c",
"scope": "eq",
"trust": 1.6,
"vendor": "schneider electric",
"version": null
},
{
"model": "140cpu65160s",
"scope": "eq",
"trust": 1.6,
"vendor": "schneider electric",
"version": null
},
{
"model": "140cpu65260",
"scope": "eq",
"trust": 1.6,
"vendor": "schneider electric",
"version": null
},
{
"model": "140cpu65160",
"scope": "eq",
"trust": 1.6,
"vendor": "schneider electric",
"version": null
},
{
"model": "140cpu43412uc",
"scope": "eq",
"trust": 1.6,
"vendor": "schneider electric",
"version": null
},
{
"model": "140cpu65150c",
"scope": "eq",
"trust": 1.6,
"vendor": "schneider electric",
"version": null
},
{
"model": "140cpu65860c",
"scope": "eq",
"trust": 1.6,
"vendor": "schneider electric",
"version": null
},
{
"model": "140cpu65160c",
"scope": "eq",
"trust": 1.6,
"vendor": "schneider electric",
"version": null
},
{
"model": "tsxp57154m",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": null
},
{
"model": "tsxp57254mc",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": null
},
{
"model": "modicon m340 bmxp342000",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": null
},
{
"model": "tsxp57204mc",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": null
},
{
"model": "tsxp57254m",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": null
},
{
"model": "tsxp57454mc",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": null
},
{
"model": "tsxp575634m",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": null
},
{
"model": "tsxp57554m",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": null
},
{
"model": "140cpu31110",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": null
},
{
"model": "tsxp57554mc",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": null
},
{
"model": "tsxp57104mc",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": null
},
{
"model": "tsxp575634mc",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": null
},
{
"model": "tsxp574634mc",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": null
},
{
"model": "modicon m340 bmxp341000h",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": null
},
{
"model": "tsxp57454m",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": null
},
{
"model": "tsxp573634mc",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": null
},
{
"model": "tsxp571634mc",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": null
},
{
"model": "tsxp573634m",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": null
},
{
"model": "tsxp57104m",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": null
},
{
"model": "tsxh5744mc",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": null
},
{
"model": "tsxp57304m",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": null
},
{
"model": "tsxp57304mc",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": null
},
{
"model": "tsxp57354m",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": null
},
{
"model": "tsxh5744m",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": null
},
{
"model": "tsxp57154mc",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": null
},
{
"model": "tsxp576634mc",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": null
},
{
"model": "modicon m340 bmxp342020h",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": null
},
{
"model": "tsxp571634m",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": null
},
{
"model": "modicon m340 bmxp3420302h",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": null
},
{
"model": "140cpu65260c",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": null
},
{
"model": "modicon m340 bmxp3420302cl",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": null
},
{
"model": "bmxnor0200",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": null
},
{
"model": "bmxnor0200h",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": null
},
{
"model": "140cpu43412u",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": null
},
{
"model": "tsxp574634m",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": null
},
{
"model": "modicon m340 bmxp3420302",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": null
},
{
"model": "tsxh5724mc",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": null
},
{
"model": "modicon m340 bmxp341000",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": null
},
{
"model": "modicon m340 bmxp342020",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": null
},
{
"model": "tsxp572634mc",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": null
},
{
"model": "140cpu65150",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": null
},
{
"model": "modicon m340 bmxp3420102cl",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": null
},
{
"model": "tsxp57204m",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": null
},
{
"model": "tsxp572634m",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": null
},
{
"model": "modicon m340 bmxp3420102",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": null
},
{
"model": "tsxp57354mc",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": null
},
{
"model": "tsxp576634m",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": null
},
{
"model": "tsxh5724m",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": null
},
{
"model": "140cpu31110",
"scope": null,
"trust": 0.8,
"vendor": "schneider electric",
"version": null
},
{
"model": "bmxnor0200",
"scope": null,
"trust": 0.8,
"vendor": "schneider electric",
"version": null
},
{
"model": "bmxp341000",
"scope": null,
"trust": 0.8,
"vendor": "schneider electric",
"version": null
},
{
"model": "tsxh5724m",
"scope": null,
"trust": 0.8,
"vendor": "schneider electric",
"version": null
},
{
"model": "tsxp57104m",
"scope": null,
"trust": 0.8,
"vendor": "schneider electric",
"version": null
},
{
"model": "electric modicon premium",
"scope": null,
"trust": 0.6,
"vendor": "schneider",
"version": null
},
{
"model": "electric modicon m340",
"scope": null,
"trust": 0.6,
"vendor": "schneider",
"version": null
},
{
"model": "electric modicon quantum plc",
"scope": null,
"trust": 0.6,
"vendor": "schneider",
"version": null
},
{
"model": "electric bmxnor0200",
"scope": null,
"trust": 0.6,
"vendor": "schneider",
"version": null
},
{
"model": "bmxp341000",
"scope": "eq",
"trust": 0.6,
"vendor": "schneider electric",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "140cpu65160c",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "tsxh5724m",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "tsxh5744mc",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "bmxnor0200",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "140cpu65150c",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "140cpu31110c",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "140cpu43412uc",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "140cpu65260c",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "140cpu65860c",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "bmxp341000",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "bmxp342000",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "bmxp3420102",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "bmxnor0200h",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "bmxp3420102cl",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "bmxp342020",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "bmxp3420302",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "bmxp3420302cl",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "bmxp3420302h",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "bmxp342020h",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "bmxp341000h",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "tsxh5744m",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "tsxp57104m",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "140cpu65150",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "tsxp57154m",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "tsxp571634m",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "tsxp57204m",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "tsxp57254m",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "tsxp572634m",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "tsxp57304m",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "tsxp57354m",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "tsxp573634m",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "tsxp57454m",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "tsxp574634m",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "140cpu31110",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "tsxp575634m",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "tsxp576634m",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "tsxh5724mc",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "tsxp57104mc",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "tsxp57154mc",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "tsxp571634mc",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "tsxp57204mc",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "tsxp57254mc",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "tsxp572634mc",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "140cpu43412u",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "tsxp57304mc",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "tsxp57354mc",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "tsxp573634mc",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "tsxp57454mc",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "tsxp574634mc",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "tsxp57554mc",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "tsxp575634mc",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "tsxp576634mc",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "140cpu65160",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "tsxp57554m",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "140cpu65260",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "140cpu65860",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "140cpu65160s",
"version": null
}
],
"sources": [
{
"db": "IVD",
"id": "e2f26cc0-39ab-11e9-b2f8-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-11261"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-004491"
},
{
"db": "CNNVD",
"id": "CNNVD-201804-823"
},
{
"db": "NVD",
"id": "CVE-2018-7761"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:schneider_electric:140cpu31110_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:schneider_electric:bmxnor0200_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:schneider_electric:bmxp341000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:schneider_electric:tsxh5724m_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:schneider_electric:tsxp57104m_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-004491"
}
]
},
"cve": "CVE-2018-7761",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2018-7761",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2018-11261",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "e2f26cc0-39ab-11e9-b2f8-000c29342cb1",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-137793",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2018-7761",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-7761",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2018-7761",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNVD",
"id": "CNVD-2018-11261",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201804-823",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "IVD",
"id": "e2f26cc0-39ab-11e9-b2f8-000c29342cb1",
"trust": 0.2,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-137793",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "e2f26cc0-39ab-11e9-b2f8-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-11261"
},
{
"db": "VULHUB",
"id": "VHN-137793"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-004491"
},
{
"db": "CNNVD",
"id": "CNNVD-201804-823"
},
{
"db": "NVD",
"id": "CVE-2018-7761"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A vulnerability exists in the HTTP request parser in Schneider Electric\u0027s Modicon M340, Modicon Premium, Modicon Quantum PLC, BMXNOR0200 which could allow arbitrary code execution. plural Schneider Electric The product contains an input validation vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Schneider Electric Modicon M340 and others are programmable logic controller products from Schneider Electric, France. The HTTP request parser is one of the HTTP request parsers. A remote attacker can exploit this vulnerability to execute arbitrary code",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-7761"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-004491"
},
{
"db": "CNVD",
"id": "CNVD-2018-11261"
},
{
"db": "IVD",
"id": "e2f26cc0-39ab-11e9-b2f8-000c29342cb1"
},
{
"db": "VULHUB",
"id": "VHN-137793"
}
],
"trust": 2.43
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-7761",
"trust": 3.3
},
{
"db": "SCHNEIDER",
"id": "SEVD-2018-081-02",
"trust": 2.3
},
{
"db": "CNNVD",
"id": "CNNVD-201804-823",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2018-11261",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2018-004491",
"trust": 0.8
},
{
"db": "IVD",
"id": "E2F26CC0-39AB-11E9-B2F8-000C29342CB1",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-137793",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "e2f26cc0-39ab-11e9-b2f8-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-11261"
},
{
"db": "VULHUB",
"id": "VHN-137793"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-004491"
},
{
"db": "CNNVD",
"id": "CNNVD-201804-823"
},
{
"db": "NVD",
"id": "CVE-2018-7761"
}
]
},
"id": "VAR-201804-1337",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "e2f26cc0-39ab-11e9-b2f8-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-11261"
},
{
"db": "VULHUB",
"id": "VHN-137793"
}
],
"trust": 1.79242425
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "e2f26cc0-39ab-11e9-b2f8-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-11261"
}
]
},
"last_update_date": "2024-11-23T21:39:00.367000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SEVD-2018-081-02",
"trust": 0.8,
"url": "https://download.schneider-electric.com/files?p_enDocType=Technical+leaflet\u0026p_File_Name=SEVD-2018-081-02+Modicon.pdf\u0026p_Doc_Ref=SEVD-2018-081-02"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-004491"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-137793"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-004491"
},
{
"db": "NVD",
"id": "CVE-2018-7761"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.3,
"url": "https://www.schneider-electric.com/en/download/document/sevd-2018-081-02/"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-7761"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-7761"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-11261"
},
{
"db": "VULHUB",
"id": "VHN-137793"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-004491"
},
{
"db": "CNNVD",
"id": "CNNVD-201804-823"
},
{
"db": "NVD",
"id": "CVE-2018-7761"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "e2f26cc0-39ab-11e9-b2f8-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-11261"
},
{
"db": "VULHUB",
"id": "VHN-137793"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-004491"
},
{
"db": "CNNVD",
"id": "CNNVD-201804-823"
},
{
"db": "NVD",
"id": "CVE-2018-7761"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-06-12T00:00:00",
"db": "IVD",
"id": "e2f26cc0-39ab-11e9-b2f8-000c29342cb1"
},
{
"date": "2018-06-12T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-11261"
},
{
"date": "2018-04-18T00:00:00",
"db": "VULHUB",
"id": "VHN-137793"
},
{
"date": "2018-06-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-004491"
},
{
"date": "2018-04-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201804-823"
},
{
"date": "2018-04-18T20:29:00.793000",
"db": "NVD",
"id": "CVE-2018-7761"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-06-12T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-11261"
},
{
"date": "2018-05-24T00:00:00",
"db": "VULHUB",
"id": "VHN-137793"
},
{
"date": "2018-06-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-004491"
},
{
"date": "2018-05-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201804-823"
},
{
"date": "2024-11-21T04:12:41.250000",
"db": "NVD",
"id": "CVE-2018-7761"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201804-823"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Schneider Electric Vulnerability related to input validation in products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-004491"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Input validation",
"sources": [
{
"db": "IVD",
"id": "e2f26cc0-39ab-11e9-b2f8-000c29342cb1"
},
{
"db": "CNNVD",
"id": "CNNVD-201804-823"
}
],
"trust": 0.8
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…