Schneider Electric Se U.Motion Server vulnerabilities
2 known vulnerabilities affecting schneider_electric_se/u.motion_server.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2019-6840CRITICALCVSS 9.8vMEG6501-0001 - U.motion KNX servervMEG6501-0002 - U.motion KNX Server Plus+4 more2019-09-17
CVE-2019-6840 [CRITICAL] CWE-134 CVE-2019-6840: A Format String: CWE-134 vulnerability exists in U.motion Server (MEG6501-0001 - U.motion KNX server
A Format String: CWE-134 vulnerability exists in U.motion Server (MEG6501-0001 - U.motion KNX server, MEG6501-0002 - U.motion KNX Server Plus, MEG6260-0410 - U.motion KNX Server Plus, Touch 10, MEG6260-0415 - U.motion KNX Server Plus, Touch 15), which could allow an attacker to send a crafted message to the target server, thereby causing arbitrary c
cvelistv5nvd
CVE-2019-6835MEDIUMCVSS 5.4vMEG6501-0001 - U.motion KNX servervMEG6501-0002 - U.motion KNX Server Plus+4 more2019-09-17
CVE-2019-6835 [MEDIUM] CWE-79 CVE-2019-6835: A Cross-Site Scripting (XSS) CWE-79 vulnerability exists in U.motion Server (MEG6501-0001 - U.motion
A Cross-Site Scripting (XSS) CWE-79 vulnerability exists in U.motion Server (MEG6501-0001 - U.motion KNX server, MEG6501-0002 - U.motion KNX Server Plus, MEG6260-0410 - U.motion KNX Server Plus, Touch 10, MEG6260-0415 - U.motion KNX Server Plus, Touch 15), which could allow an attacker to inject client-side script when a user visits a web page.
cvelistv5nvd