Automationdirect C-More Ea9 Hmi Ea0-T7Cl-R vulnerabilities
3 known vulnerabilities affecting automationdirect/c-more_ea9_hmi_ea0-t7cl-r.
Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2024-25136P3HIGHCVSS 7.5≤ 6.772024-03-26
CVE-2024-25136 [HIGH] CWE-22 CVE-2024-25136: There is a function in AutomationDirect C-MORE EA9 HMI that allows an attacker to send a relative p
There is a function in AutomationDirect C-MORE EA9 HMI that allows an attacker to send a relative path in the URL without proper sanitizing of the content.
nvd
CVE-2024-25138P3MEDIUMCVSS 6.5≤ 6.772024-03-26
CVE-2024-25138 [MEDIUM] CWE-256 CVE-2024-25138: In AutomationDirect C-MORE EA9 HMI, credentials used by the platform are stored as plain text on
In AutomationDirect C-MORE EA9 HMI,
credentials used by the platform are stored as plain text on the device.
nvd
CVE-2024-25137P4MEDIUMCVSS 4.3≤ 6.772024-03-26
CVE-2024-25137 [MEDIUM] CWE-121 CVE-2024-25137: In AutomationDirect C-MORE EA9 HMI there is a program that copies a buffer of a size controlled by
In AutomationDirect C-MORE EA9 HMI there is a program that copies a buffer of a size controlled by the user into a limited sized buffer on the stack which may lead to a stack overflow. The result of this stack-based buffer overflow can lead to denial-of-service conditions.
nvd