Vulnerability Details : CVE-2014-0754
Directory traversal vulnerability in SchneiderWEB on Schneider Electric Modicon PLC Ethernet modules 140CPU65x Exec before 5.5, 140NOC78x Exec before 1.62, 140NOE77x Exec before 6.2, BMXNOC0401 before 2.05, BMXNOE0100 before 2.9, BMXNOE0110x Exec before 6.0, TSXETC101 Exec before 2.04, TSXETY4103x Exec before 5.7, TSXETY5103x Exec before 5.9, TSXP57x ETYPort Exec before 5.7, and TSXP57x Ethernet Copro Exec before 5.5 allows remote attackers to visit arbitrary resources via a crafted HTTP request.
Vulnerability category: Directory traversal
Products affected by CVE-2014-0754
- cpe:2.3:o:schneider-electric:tsxp571634m_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:schneider-electric:tsxp572634m_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:schneider-electric:tsxp573634m_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:schneider-electric:tsxp574634m_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:schneider-electric:tsxp575634m_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:schneider-electric:tsxp576634m_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:schneider-electric:tsxety4103_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:schneider-electric:tsxety5103_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:schneider-electric:modicon_m340_bmxp342020_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:schneider-electric:modicon_m340_bmxp342030_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420302_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:schneider-electric:stbnic2212_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:schneider-electric:stbnip2212_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:schneider-electric:tsxetc0101_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:schneider-electric:tsxetc100_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:schneider-electric:tsxp573623mc_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:schneider-electric:tsxety110ws_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:schneider-electric:tsxety110wsc_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:schneider-electric:tsxp574823am_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:schneider-electric:tsxp574823m_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:schneider-electric:tsxety4103c_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:schneider-electric:tsxp574823mc_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:schneider-electric:tsxety5103c_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:schneider-electric:tsxetz410_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:schneider-electric:tsxwmy100_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:schneider-electric:tsxetz510_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:schneider-electric:tsxwmy100c_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:schneider-electric:tsxntp100_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:schneider-electric:modicon_m580_bmxnoc0402_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:schneider-electric:modicon_m340_bmxnoe0100_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:schneider-electric:modicon_m340_bmxnoe0110_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:schneider-electric:modicon_m340_bmxnoe0110h_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:schneider-electric:modicon_m340_bmxnor0200h_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:schneider-electric:modicon_m340_bmxp342020h_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420302h_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:schneider-electric:modicon_m340_bmxp342030h_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:schneider-electric:modicon_m340_bmxnoc0401_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:schneider-electric:171ccc96020_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:schneider-electric:171ccc96020c_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:schneider-electric:171ccc96030_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:schneider-electric:171ccc96030c_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:schneider-electric:171ccc98020_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:schneider-electric:171ccc98030_firmware:-:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2014-0754
0.64%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 77 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2014-0754
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
10.0
|
HIGH | AV:N/AC:L/Au:N/C:C/I:C/A:C |
10.0
|
10.0
|
NIST |
CWE ids for CVE-2014-0754
-
The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.Assigned by: nvd@nist.gov (Primary)
References for CVE-2014-0754
-
http://download.schneider-electric.com/files?p_Reference=SEVD-2014-260-01&p_EnDocType=Software%20-%20Updates&p_File_Id=608959359&p_File_Name=SEVD-2014-260-01.pdf
Patch;Vendor Advisory
-
http://www.securityfocus.com/bid/70193
Multiple Schneider Electric Products CVE-2014-2732 Directory Traversal VulnerabilityThird Party Advisory;VDB Entry
-
https://ics-cert.us-cert.gov/advisories/ICSA-14-273-01
SchneiderWEB Server Directory Traversal Vulnerability | CISAThird Party Advisory;US Government Resource
Jump to