CVE-2014-0754

Published: Oct 3, 2014

Modified: Aug 25, 2025

PUBLISHED

Description

Directory traversal vulnerability in SchneiderWEB on Schneider Electric Modicon PLC Ethernet modules 140CPU65x Exec before 5.5, 140NOC78x Exec before 1.62, 140NOE77x Exec before 6.2, BMXNOC0401 before 2.05, BMXNOE0100 before 2.9, BMXNOE0110x Exec before 6.0, TSXETC101 Exec before 2.04, TSXETY4103x Exec before 5.7, TSXETY5103x Exec before 5.9, TSXP57x ETYPort Exec before 5.7, and TSXP57x Ethernet Copro Exec before 5.5 allows remote attackers to visit arbitrary resources via a crafted HTTP request.

Vendor	Product	Versions
Schneider Electric	Ethernet modules for M340, Quantum and Premium PLC ranges	affected `140CPU65150` affected `140CPU65160` affected `140CPU65260` affected `140NOC77100` affected `140NOC78000` +61 more versions

References

70193

vdb-entry

x_refsource_BID

https://www.cisa.gov/news-events/ics-advisories/icsa-14-273-01

https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2014-260-01

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2014-0754

Description

Affected Products

References