CVE-2024-37040
published 2024-06-12CVE-2024-37040: CWE-120: Buffer Copy without Checking Size of Input (‘Classic Buffer Overflow’) vulnerability exists that could allow a user with access to the device’s web…
high8.1CVSS 3.1
AVNACLPRLUINSUCNIHAH
CWE-120: Buffer Copy without Checking Size of Input (‘Classic Buffer Overflow’) vulnerability
exists that could allow a user with access to the device’s web interface to cause a fault on the
device when sending a malformed HTTP request.
Affected
7 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| schneider-electric | sage_rtu_firmware | < c3414-500-s02k5_p9 | c3414-500-s02k5_p9 |
| schneider_electric | sage_1410 | — | — |
| schneider_electric | sage_1430 | — | — |
| schneider_electric | sage_1450 | — | — |
| schneider_electric | sage_2400 | — | — |
| schneider_electric | sage_3030_magnum | — | — |
| schneider_electric | sage_4400 | — | — |