← Back

Andover Continuum Bcx4040 Firmware

andover_continuum_bcx4040_firmware

Vendor: Schneider Electric • 4 CVEs

CVEs (4)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2020-7482
1Schneider Electric
11Andover Continuum 5720 Firmware
Andover Continuum 5740 FirmwareAndover Continuum 9200 Firmware+8 more
Nov 21, 2024
Mar 23, 2020
N/A· v4
6.1 MEDIUM· v3
4.3 MEDIUM· v2
A CWE-79:Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability exists Andover Continuum (All versions), which could cause a Reflective Cross-site Scripting (XSS attack) when u...Show more
A CWE-79:Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability exists Andover Continuum (All versions), which could cause a Reflective Cross-site Scripting (XSS attack) when using the products' web server.Show less
CVE-2020-7481
1Schneider Electric
11Andover Continuum 5720 Firmware
Andover Continuum 5740 FirmwareAndover Continuum 9200 Firmware+8 more
Nov 21, 2024
Mar 23, 2020
N/A· v4
6.1 MEDIUM· v3
4.3 MEDIUM· v2
A CWE-79:Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability exists Andover Continuum (All versions), which could enable a successful Cross-site Scripting (XSS attack) when...Show more
A CWE-79:Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability exists Andover Continuum (All versions), which could enable a successful Cross-site Scripting (XSS attack) when using the products' web server.Show less
CVE-2020-7480
1Schneider Electric
11Andover Continuum 5720 Firmware
Andover Continuum 5740 FirmwareAndover Continuum 9200 Firmware+8 more
Nov 21, 2024
Mar 23, 2020
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
A CWE-94: Improper Control of Generation of Code ('Code Injection') vulnerability exists in Andover Continuum (All versions), which could cause files on the application server filesystem to be viewable when an attacker i...Show more
A CWE-94: Improper Control of Generation of Code ('Code Injection') vulnerability exists in Andover Continuum (All versions), which could cause files on the application server filesystem to be viewable when an attacker interferes with an application's processing of XML data.Show less
CVE-2019-6853
1Schneider Electric
11Andover Continuum 5720 Firmware
Andover Continuum 5740 FirmwareAndover Continuum 9200 Firmware+8 more
Nov 21, 2024
Nov 20, 2019
N/A· v4
6.1 MEDIUM· v3
4.3 MEDIUM· v2
A CWE-79: Failure to Preserve Web Page Structure vulnerability exists in Andover Continuum (models 9680, 5740 and 5720, bCX4040, bCX9640, 9900, 9940, 9924 and 9702) , which could enable a successful Cross-site Scripting...Show more
A CWE-79: Failure to Preserve Web Page Structure vulnerability exists in Andover Continuum (models 9680, 5740 and 5720, bCX4040, bCX9640, 9900, 9940, 9924 and 9702) , which could enable a successful Cross-site Scripting (XSS attack) when using the products web server.Show less