Schneider-Electric Mtn6260-0310 Firmware vulnerabilities
2 known vulnerabilities affecting schneider-electric/mtn6260-0310_firmware.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2020-7500P2CRITICALCVSS 9.8fixed in 1.4.22020-06-16
CVE-2020-7500 [CRITICAL] CWE-89 CVE-2020-7500: A CWE-89:Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulner
A CWE-89:Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability exists in U.motion Servers and Touch Panels (affected versions listed in the security notification) which could cause arbitrary code to be executed when a malicious command is entered.
nvd
CVE-2020-7499P3MEDIUMCVSS 6.5fixed in 1.4.22020-06-16
CVE-2020-7499 [MEDIUM] CWE-863 CVE-2020-7499: A CWE-863: Incorrect Authorization vulnerability exists in U.motion Servers and Touch Panels (affect
A CWE-863: Incorrect Authorization vulnerability exists in U.motion Servers and Touch Panels (affected versions listed in the security notification) which could cause unauthorized access when a low privileged user makes unauthorized changes.
nvd