CVE-2020-7504
MEDIUMEasergy T300 Firmware < 1.5.2 - Denial of Service via Crafted Network Packets
Title source: llmDescription
A CWE-20: Improper Input Validation vulnerability exists in Easergy T300 (Firmware version 1.5.2 and older) which could allow an attacker to disable the webserver service on the device when specially crafted network packets are sent.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_misc
https://www.se.com/ww/en/download/document/SEVD-2020-161-04
Scores
CVSS v3
5.3
EPSS
0.0038
EPSS Percentile
59.4%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Details
CWE
CWE-20
Status
published
Products (1)
schneider-electric/easergy_t300_firmware
< 1.5.2
Published
Jun 16, 2020
Tracked Since
Feb 18, 2026