CVE-2020-7533
published 2020-12-01CVE-2020-7533: CWE-287: Improper Authentication vulnerability exists which could cause the execution of commands on the webserver without authentication when sending…
critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
CWE-287: Improper Authentication vulnerability exists which could cause the execution of
commands on the webserver without authentication when sending specially crafted HTTP
requests.
Affected
16 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| schneider-electric | 140cpu65260_firmware | < 6.1 | 6.1 |
| schneider-electric | 140noc77101_firmware | < 1.08 | 1.08 |
| schneider-electric | 140noc78000_firmware | < 1.74 | 1.74 |
| schneider-electric | 140noe77111_firmware | < 7.1 | 7.1 |
| schneider-electric | bmxnoc0401_firmware | < 2.10 | 2.10 |
| schneider-electric | bmxnoe0100_firmware | < 3.3 | 3.3 |
| schneider-electric | bmxnoe0110_firmware | < 6.5 | 6.5 |
| schneider-electric | modicon_m340_bmxp341000_firmware | < 3.20 | 3.20 |
| schneider-electric | modicon_m340_bmxp342000_firmware | < 3.20 | 3.20 |
| schneider-electric | modicon_m340_bmxp3420102_firmware | < 3.20 | 3.20 |
| schneider-electric | modicon_m340_bmxp3420302_firmware | < 3.20 | 3.20 |
| schneider-electric | tsxety4103_firmware | < 6.2 | 6.2 |
| schneider-electric | tsxety5103_firmware | < 6.4 | 6.4 |
| schneider-electric | tsxp574634_firmware | < 6.1 | 6.1 |
| schneider-electric | tsxp575634_firmware | < 6.1 | 6.1 |
| schneider-electric | tsxp576634_firmware | < 6.1 | 6.1 |