Shodan
Vulnerabilities
Vulnerable Software
Schneider-Electric:  >> Sage 1410  Security Vulnerabilities
CVE-2024-5560
CWE-125: Out-of-bounds Read vulnerability exists that could cause denial of service of the device’s web interface when an attacker sends a specially crafted HTTP request.
CVSS Score
5.3
EPSS Score
0.003
Published
2024-06-12
CVE-2024-37038
CWE-276: Incorrect Default Permissions vulnerability exists that could allow an authenticated user with access to the device’s web interface to perform unauthorized file and firmware uploads when crafting custom web requests.
CVSS Score
7.5
EPSS Score
0.002
Published
2024-06-12
CVE-2024-37039
CWE-252: Unchecked Return Value vulnerability exists that could cause denial of service of the device when an attacker sends a specially crafted HTTP request.
CVSS Score
5.9
EPSS Score
0.002
Published
2024-06-12
CVE-2024-37040
CWE-120: Buffer Copy without Checking Size of Input (‘Classic Buffer Overflow’) vulnerability exists that could allow a user with access to the device’s web interface to cause a fault on the device when sending a malformed HTTP request.
CVSS Score
5.4
EPSS Score
0.003
Published
2024-06-12
CVE-2024-37036
CWE-787: Out-of-bounds Write vulnerability exists that could result in an authentication bypass when sending a malformed POST request and particular configuration parameters are set.
CVSS Score
9.8
EPSS Score
0.003
Published
2024-06-12
CVE-2024-37037
CWE-22: Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’) vulnerability exists that could allow an authenticated user with access to the device’s web interface to corrupt files and impact device functionality when sending a crafted HTTP request.
CVSS Score
8.1
EPSS Score
0.006
Published
2024-06-12
CVE-2015-6485
Schneider Electric Telvent Sage 2300 RTUs with firmware before C3413-500-S01, and LANDAC II-2, Sage 1410, Sage 1430, Sage 1450, Sage 2400, and Sage 3030M RTUs with firmware before C3414-500-S02J2, allow remote attackers to obtain sensitive information from device memory by reading a padding field of an Ethernet packet.
CVSS Score
5.3
EPSS Score
0.003
Published
2016-03-12
CVE-2015-3963
Wind River VxWorks before 5.5.1, 6.5.x through 6.7.x before 6.7.1.1, 6.8.x before 6.8.3, 6.9.x before 6.9.4.4, and 7.x before 7 ipnet_coreip 1.2.2.0, as used on Schneider Electric SAGE RTU devices before J2 and other devices, does not properly generate TCP initial sequence number (ISN) values, which makes it easier for remote attackers to spoof TCP sessions by predicting an ISN value.
CVSS Score
5.8
EPSS Score
0.037
Published
2015-08-04


Products
Pricing
Contact Us

Shodan ® - All rights reserved