CWE-120: Buffer Copy without Checking Size of Input (‘Classic Buffer Overflow’) vulnerability exists that could allow a user with access to the device’s web interface to cause a fault on the device when sending a malformed HTTP request.
2024-06-12T17:15:51.540
2024-11-21T09:23:06.170
Modified
CVSSv3.1: 5.4 (MEDIUM)
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Operating System | schneider-electric | sage_rtu_firmware | < c3414-500-s02k5_p9 | Yes |
| Hardware | schneider-electric | sage_1410 | - | No |
| Hardware | schneider-electric | sage_1430 | - | No |
| Hardware | schneider-electric | sage_1450 | - | No |
| Hardware | schneider-electric | sage_2400 | - | No |
| Hardware | schneider-electric | sage_3030_magnum | - | No |
| Hardware | schneider-electric | sage_4400 | - | No |