CVE-2018-7830

Published: Nov 30, 2018Modified: Nov 21, 2024

7.5

Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Exploitability: 3.9 / Impact: 3.6

Source: NVD

Description

Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Response Splitting') vulnerability exists in the embedded web servers in all Modicon M340, Premium, Quantum PLCs and BMXNOR0200 where a denial of service can occur for ~1 minute by sending a specially crafted HTTP request.

Affected (4)

Products: Schneider Electric: Modicom M340 Firmware, Modicom Premium Firmware, Modicom Quantum Firmware, Modicom Bmxnor0200h Firmware

Schneider Electric

4 products

Modicom M340 Firmware

Modicom Premium Firmware

Modicom Quantum Firmware

Modicom Bmxnor0200h Firmware

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Schneider Electric Modicom M340 Firmware	All versions

Running on/with	Platform Versions
Schneider Electric Modicom M340	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Schneider Electric Modicom Premium Firmware	All versions

Running on/with	Platform Versions
Schneider Electric Modicom Premium	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Schneider Electric Modicom Quantum Firmware	All versions

Running on/with	Platform Versions
Schneider Electric Modicom Quantum	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Schneider Electric Modicom Bmxnor0200h Firmware	All versions

Running on/with	Platform Versions
Schneider Electric Modicom Bmxnor0200h	All versions

Related CWEs

CWE-113

Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting')

The product receives data from an HTTP agent/component (e.g., web server, proxy, browser, etc.), but it does not neutralize or incorrectly neutralizes CR and LF characters before the data is included in outgoing HTTP headers.

References (4)

https://www.schneider-electric.com/en/download/document/SEVD-2018-327-01/

Source: cybersecurity@se.com

Vendor Advisory

https://www.tenable.com/security/research/tra-2018-38

Source: cybersecurity@se.com

ExploitThird Party Advisory

https://www.schneider-electric.com/en/download/document/SEVD-2018-327-01/

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://www.tenable.com/security/research/tra-2018-38

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party Advisory

Timeline

No history available yet.