CVE-2014-0754

Schneider Electric Modicon PLC Ethernet Modules - Directory Traversal via Crafted HTTP Request

Title source: llm
STIX 2.1

Description

Directory traversal vulnerability in SchneiderWEB on Schneider Electric Modicon PLC Ethernet modules 140CPU65x Exec before 5.5, 140NOC78x Exec before 1.62, 140NOE77x Exec before 6.2, BMXNOC0401 before 2.05, BMXNOE0100 before 2.9, BMXNOE0110x Exec before 6.0, TSXETC101 Exec before 2.04, TSXETY4103x Exec before 5.7, TSXETY5103x Exec before 5.9, TSXP57x ETYPort Exec before 5.7, and TSXP57x Ethernet Copro Exec before 5.5 allows remote attackers to visit arbitrary resources via a crafted HTTP request.

References (5)

Core 5

Scores

EPSS 0.1890
EPSS Percentile 95.4%

Details

CWE
CWE-22
Status published
Products (50)
Schneider Electric/Ethernet modules for M340, Quantum and Premium PLC ranges 140CPU65150
Schneider Electric/Ethernet modules for M340, Quantum and Premium PLC ranges 140CPU65160
Schneider Electric/Ethernet modules for M340, Quantum and Premium PLC ranges 140CPU65260
Schneider Electric/Ethernet modules for M340, Quantum and Premium PLC ranges 140NOC77100
Schneider Electric/Ethernet modules for M340, Quantum and Premium PLC ranges 140NOC78000
Schneider Electric/Ethernet modules for M340, Quantum and Premium PLC ranges 140NOC78100
Schneider Electric/Ethernet modules for M340, Quantum and Premium PLC ranges 140NOE77100
Schneider Electric/Ethernet modules for M340, Quantum and Premium PLC ranges 140NOE77101
Schneider Electric/Ethernet modules for M340, Quantum and Premium PLC ranges 140NOE77101C
Schneider Electric/Ethernet modules for M340, Quantum and Premium PLC ranges 140NOE77110
... and 40 more
Published Oct 03, 2014
Tracked Since Feb 18, 2026