Vulnerability Details CVE-2024-37037
CWE-22: Improper Limitation of a Pathname to a Restricted Directory (‘Path
Traversal’) vulnerability exists that could allow an authenticated user with access to the device’s
web interface to corrupt files and impact device functionality when sending a crafted HTTP
request.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.006
EPSS Ranking 69.2%
CVSS Severity
CVSS v3 Score 8.1
References
Products affected by CVE-2024-37037
-
cpe:2.3:h:schneider-electric:sage_1410:-
-
cpe:2.3:h:schneider-electric:sage_1430:-
-
cpe:2.3:h:schneider-electric:sage_1450:-
-
cpe:2.3:h:schneider-electric:sage_2400:-
-
cpe:2.3:h:schneider-electric:sage_3030_magnum:-
-
cpe:2.3:h:schneider-electric:sage_4400:-
-
cpe:2.3:o:schneider-electric:sage_rtu_firmware:-
-
cpe:2.3:o:schneider-electric:sage_rtu_firmware:c3413-500-001f0_pb
-
cpe:2.3:o:schneider-electric:sage_rtu_firmware:c3413-500-001f0_pc
-
cpe:2.3:o:schneider-electric:sage_rtu_firmware:c3414-500-001g3_p6
-
cpe:2.3:o:schneider-electric:sage_rtu_firmware:c3414-500-s02j1
-
cpe:2.3:o:schneider-electric:sage_rtu_firmware:c3414-500-s02j1_p1
-
cpe:2.3:o:schneider-electric:sage_rtu_firmware:c3414-500-s02j2
-
cpe:2.3:o:schneider-electric:sage_rtu_firmware:c3414-500-s02k0
-
cpe:2.3:o:schneider-electric:sage_rtu_firmware:c3414-500-s02k0_p1
-
cpe:2.3:o:schneider-electric:sage_rtu_firmware:c3414-500-s02k0_p2
-
cpe:2.3:o:schneider-electric:sage_rtu_firmware:c3414-500-s02k0_p3
-
cpe:2.3:o:schneider-electric:sage_rtu_firmware:c3414-500-s02k0_p4
-
cpe:2.3:o:schneider-electric:sage_rtu_firmware:c3414-500-s02k2
-
cpe:2.3:o:schneider-electric:sage_rtu_firmware:c3414-500-s02k2_p1
-
cpe:2.3:o:schneider-electric:sage_rtu_firmware:c3414-500-s02k2_p2
-
cpe:2.3:o:schneider-electric:sage_rtu_firmware:c3414-500-s02k2_p3
-
cpe:2.3:o:schneider-electric:sage_rtu_firmware:c3414-500-s02k2_p4
-
cpe:2.3:o:schneider-electric:sage_rtu_firmware:c3414-500-s02k3
-
cpe:2.3:o:schneider-electric:sage_rtu_firmware:c3414-500-s02k4
-
cpe:2.3:o:schneider-electric:sage_rtu_firmware:c3414-500-s02k4_p1
-
cpe:2.3:o:schneider-electric:sage_rtu_firmware:c3414-500-s02k4_p2
-
cpe:2.3:o:schneider-electric:sage_rtu_firmware:c3414-500-s02k4_p3
-
cpe:2.3:o:schneider-electric:sage_rtu_firmware:c3414-500-s02k4_p4
-
cpe:2.3:o:schneider-electric:sage_rtu_firmware:c3414-500-s02k5
-
cpe:2.3:o:schneider-electric:sage_rtu_firmware:c3414-500-s02k5_p1
-
cpe:2.3:o:schneider-electric:sage_rtu_firmware:c3414-500-s02k5_p2
-
cpe:2.3:o:schneider-electric:sage_rtu_firmware:c3414-500-s02k5_p3
-
cpe:2.3:o:schneider-electric:sage_rtu_firmware:c3414-500-s02k5_p4
-
cpe:2.3:o:schneider-electric:sage_rtu_firmware:c3414-500-s02k5_p5
-
cpe:2.3:o:schneider-electric:sage_rtu_firmware:c3414-500-s02k5_p6
-
cpe:2.3:o:schneider-electric:sage_rtu_firmware:c3414-500-s02k5_p8