Back to search
CVE-2018-7245
Published: Apr 18, 2018
Modified: Aug 5, 2024
PUBLISHED
Description
An improper authorization vulnerability exists In Schneider Electric's 66074 MGE Network Management Card Transverse installed in MGE UPS and MGE STS. The integrated web server (Port 80/443/TCP) of the affected devices could allow a remote attacker to change UPS control and shutdown parameters or other critical settings without authorization.
| Vendor | Product | Versions |
|---|---|---|
Schneider Electric SE | 66074 MGE Network Management Card Transverse installed in MGE UPS and MGE STS | affected MGE Network Management Card Transverse, part number: SF66074. All card versions affected, when installed in following products: MGE Galaxy 5000, MGE Galaxy 6000, MGE Galaxy 9000, MGE EPS 7000, MGE EPS 8000, MGE EPS 6000, MGE Comet UPS, MGE Galaxy PW, MGE Galaxy 3000, MGE Galaxy 4000 |
References
https://www.schneider-electric.com/en/download/document/SEVD-2018-074-01/
x_refsource_CONFIRM
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now