Vulnerability Details CVE-2018-7804
A URL Redirection to Untrusted Site vulnerability exists in the embedded web servers in all Modicon M340, Premium, Quantum PLCs and BMXNOR0200 where a user clicking on a specially crafted link can be redirected to a URL of the attacker's choosing.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 42.1%
CVSS Severity
CVSS v3 Score 6.1
CVSS v2 Score 5.8
References
Products affected by CVE-2018-7804
-
cpe:2.3:h:schneider-electric:modicom_bmxnor0200h:-
-
cpe:2.3:h:schneider-electric:modicom_m340:-
-
cpe:2.3:h:schneider-electric:modicom_premium:-
-
cpe:2.3:h:schneider-electric:modicom_quantum:-
-
cpe:2.3:o:schneider-electric:modicom_bmxnor0200h_firmware:-
-
cpe:2.3:o:schneider-electric:modicom_m340_firmware:-
-
cpe:2.3:o:schneider-electric:modicom_premium_firmware:-
-
cpe:2.3:o:schneider-electric:modicom_quantum_firmware:-