Schneider Electric

MITRE NVD CVE.ORG JSON API Print: PDF PDF

Summary

CVECVE-2014-0754
StatePUBLISHED
Assignericscert
Source PriorityCVE Program / NVD first with legacy fallback
Published2014-10-03 18:55:06 UTC
Updated2026-05-06 22:30:45 UTC
DescriptionDirectory traversal vulnerability in SchneiderWEB on Schneider Electric Modicon PLC Ethernet modules 140CPU65x Exec before 5.5, 140NOC78x Exec before 1.62, 140NOE77x Exec before 6.2, BMXNOC0401 before 2.05, BMXNOE0100 before 2.9, BMXNOE0110x Exec before 6.0, TSXETC101 Exec before 2.04, TSXETY4103x Exec before 5.7, TSXETY5103x Exec before 5.9, TSXP57x ETYPort Exec before 5.7, and TSXP57x Ethernet Copro Exec before 5.5 allows remote attackers to visit arbitrary resources via a crafted HTTP request.

Risk And Classification

Primary CVSS: v2.0 10 from [email protected]

AV:N/AC:L/Au:N/C:C/I:C/A:C

Problem Types: CWE-22 | n/a

VersionSourceTypeScoreSeverityVector
2.0[email protected]Primary10AV:N/AC:L/Au:N/C:C/I:C/A:C
2.0[email protected]Secondary10AV:N/AC:L/Au:N/C:C/I:C/A:C
2.0CNACVSS10AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS v2.0 Breakdown

Access Vector
Network
Access Complexity
Low
Authentication
None
Confidentiality
Complete
Integrity
Complete
Availability
Complete

AV:N/AC:L/Au:N/C:C/I:C/A:C

NVD Known Affected Configurations (CPE 2.3)

TypeVendorProductVersionUpdateEditionLanguage
Hardware Schneider-electric 171ccc96020 - All All All
Hardware Schneider-electric 171ccc96020c - All All All
Operating System Schneider-electric 171ccc96020c Firmware - All All All
Operating System Schneider-electric 171ccc96020 Firmware - All All All
Hardware Schneider-electric 171ccc96030 - All All All
Hardware Schneider-electric 171ccc96030c - All All All
Operating System Schneider-electric 171ccc96030c Firmware - All All All
Operating System Schneider-electric 171ccc96030 Firmware - All All All
Hardware Schneider-electric 171ccc98020 - All All All
Operating System Schneider-electric 171ccc98020 Firmware - All All All
Hardware Schneider-electric 171ccc98030 - All All All
Operating System Schneider-electric 171ccc98030 Firmware - All All All
Hardware Schneider-electric Modicon M340 Bmxnoc0401 - All All All
Operating System Schneider-electric Modicon M340 Bmxnoc0401 Firmware - All All All
Hardware Schneider-electric Modicon M340 Bmxnoe0100 - All All All
Operating System Schneider-electric Modicon M340 Bmxnoe0100 Firmware - All All All
Hardware Schneider-electric Modicon M340 Bmxnoe0110 - All All All
Hardware Schneider-electric Modicon M340 Bmxnoe0110h - All All All
Operating System Schneider-electric Modicon M340 Bmxnoe0110h Firmware - All All All
Operating System Schneider-electric Modicon M340 Bmxnoe0110 Firmware - All All All
Hardware Schneider-electric Modicon M340 Bmxnor0200h - All All All
Operating System Schneider-electric Modicon M340 Bmxnor0200h Firmware - All All All
Hardware Schneider-electric Modicon M340 Bmxp342020 - All All All
Hardware Schneider-electric Modicon M340 Bmxp342020h - All All All
Operating System Schneider-electric Modicon M340 Bmxp342020h Firmware - All All All
Operating System Schneider-electric Modicon M340 Bmxp342020 Firmware - All All All
Hardware Schneider-electric Modicon M340 Bmxp342030 - All All All
Hardware Schneider-electric Modicon M340 Bmxp3420302 - All All All
Hardware Schneider-electric Modicon M340 Bmxp3420302h - All All All
Operating System Schneider-electric Modicon M340 Bmxp3420302h Firmware - All All All
Operating System Schneider-electric Modicon M340 Bmxp3420302 Firmware - All All All
Hardware Schneider-electric Modicon M340 Bmxp342030h - All All All
Operating System Schneider-electric Modicon M340 Bmxp342030h Firmware - All All All
Operating System Schneider-electric Modicon M340 Bmxp342030 Firmware - All All All
Hardware Schneider-electric Modicon M580 Bmxnoc0402 - All All All
Operating System Schneider-electric Modicon M580 Bmxnoc0402 Firmware - All All All
Hardware Schneider-electric Stbnic2212 - All All All
Operating System Schneider-electric Stbnic2212 Firmware - All All All
Hardware Schneider-electric Stbnip2212 - All All All
Operating System Schneider-electric Stbnip2212 Firmware - All All All
Hardware Schneider-electric Tsxetc0101 - All All All
Operating System Schneider-electric Tsxetc0101 Firmware - All All All
Hardware Schneider-electric Tsxetc100 - All All All
Operating System Schneider-electric Tsxetc100 Firmware - All All All
Hardware Schneider-electric Tsxety110ws - All All All
Hardware Schneider-electric Tsxety110wsc - All All All
Operating System Schneider-electric Tsxety110wsc Firmware - All All All
Operating System Schneider-electric Tsxety110ws Firmware - All All All
Hardware Schneider-electric Tsxety4103 - All All All
Hardware Schneider-electric Tsxety4103c - All All All
Operating System Schneider-electric Tsxety4103c Firmware - All All All
Operating System Schneider-electric Tsxety4103 Firmware - All All All
Hardware Schneider-electric Tsxety5103 - All All All
Hardware Schneider-electric Tsxety5103c - All All All
Operating System Schneider-electric Tsxety5103c Firmware - All All All
Operating System Schneider-electric Tsxety5103 Firmware - All All All
Hardware Schneider-electric Tsxetz410 - All All All
Operating System Schneider-electric Tsxetz410 Firmware - All All All
Hardware Schneider-electric Tsxetz510 - All All All
Operating System Schneider-electric Tsxetz510 Firmware - All All All
Hardware Schneider-electric Tsxntp100 - All All All
Operating System Schneider-electric Tsxntp100 Firmware - All All All
Hardware Schneider-electric Tsxp573623mc - All All All
Operating System Schneider-electric Tsxp573623mc Firmware - All All All
Hardware Schneider-electric Tsxp574634m - All All All
Operating System Schneider-electric Tsxp574634m Firmware - All All All
Hardware Schneider-electric Tsxp574823am - All All All
Operating System Schneider-electric Tsxp574823am Firmware - All All All
Hardware Schneider-electric Tsxp574823m - All All All
Hardware Schneider-electric Tsxp574823mc - All All All
Operating System Schneider-electric Tsxp574823mc Firmware - All All All
Operating System Schneider-electric Tsxp574823m Firmware - All All All
Hardware Schneider-electric Tsxp575634m - All All All
Operating System Schneider-electric Tsxp575634m Firmware - All All All
Hardware Schneider-electric Tsxp576634m - All All All
Operating System Schneider-electric Tsxp576634m Firmware - All All All
Hardware Schneider-electric Tsxwmy100 - All All All
Hardware Schneider-electric Tsxwmy100c - All All All
Operating System Schneider-electric Tsxwmy100c Firmware - All All All
Operating System Schneider-electric Tsxwmy100 Firmware - All All All

Vendor Declared Affected Products

SourceVendorProductVersionPlatforms
CNA Schneider Electric Ethernet Modules For M340 Quantum And Premium PLC Ranges affected 140CPU65150 Not specified
CNA Schneider Electric Ethernet Modules For M340 Quantum And Premium PLC Ranges affected 140CPU65160 Not specified
CNA Schneider Electric Ethernet Modules For M340 Quantum And Premium PLC Ranges affected 140CPU65260 Not specified
CNA Schneider Electric Ethernet Modules For M340 Quantum And Premium PLC Ranges affected 140NOC77100 Not specified
CNA Schneider Electric Ethernet Modules For M340 Quantum And Premium PLC Ranges affected 140NOC78000 Not specified
CNA Schneider Electric Ethernet Modules For M340 Quantum And Premium PLC Ranges affected 140NOC78100 Not specified
CNA Schneider Electric Ethernet Modules For M340 Quantum And Premium PLC Ranges affected 140NOE77100 Not specified
CNA Schneider Electric Ethernet Modules For M340 Quantum And Premium PLC Ranges affected 140NOE77101 Not specified
CNA Schneider Electric Ethernet Modules For M340 Quantum And Premium PLC Ranges affected 140NOE77101C Not specified
CNA Schneider Electric Ethernet Modules For M340 Quantum And Premium PLC Ranges affected 140NOE77110 Not specified
CNA Schneider Electric Ethernet Modules For M340 Quantum And Premium PLC Ranges affected 140NOE77111 Not specified
CNA Schneider Electric Ethernet Modules For M340 Quantum And Premium PLC Ranges affected 140NOE77111C Not specified
CNA Schneider Electric Ethernet Modules For M340 Quantum And Premium PLC Ranges affected 140NWM10000 Not specified
CNA Schneider Electric Ethernet Modules For M340 Quantum And Premium PLC Ranges affected 170ENT11001 Not specified
CNA Schneider Electric Ethernet Modules For M340 Quantum And Premium PLC Ranges affected 170ENT11002 Not specified
CNA Schneider Electric Ethernet Modules For M340 Quantum And Premium PLC Ranges affected 170ENT11002C Not specified
CNA Schneider Electric Ethernet Modules For M340 Quantum And Premium PLC Ranges affected 171CCC96020 Not specified
CNA Schneider Electric Ethernet Modules For M340 Quantum And Premium PLC Ranges affected 171CCC96020C Not specified
CNA Schneider Electric Ethernet Modules For M340 Quantum And Premium PLC Ranges affected 171CCC96030 Not specified
CNA Schneider Electric Ethernet Modules For M340 Quantum And Premium PLC Ranges affected 171CCC96030C Not specified
CNA Schneider Electric Ethernet Modules For M340 Quantum And Premium PLC Ranges affected 171CCC98020 Not specified
CNA Schneider Electric Ethernet Modules For M340 Quantum And Premium PLC Ranges affected 171CCC98030 Not specified
CNA Schneider Electric Ethernet Modules For M340 Quantum And Premium PLC Ranges affected BMXNOC0401 Not specified
CNA Schneider Electric Ethernet Modules For M340 Quantum And Premium PLC Ranges affected BMXNOC0402 Not specified
CNA Schneider Electric Ethernet Modules For M340 Quantum And Premium PLC Ranges affected BMXNOE0100 Not specified
CNA Schneider Electric Ethernet Modules For M340 Quantum And Premium PLC Ranges affected BMXNOE0110 Not specified
CNA Schneider Electric Ethernet Modules For M340 Quantum And Premium PLC Ranges affected BMXNOE0110H Not specified
CNA Schneider Electric Ethernet Modules For M340 Quantum And Premium PLC Ranges affected BMXNOR0200H Not specified
CNA Schneider Electric Ethernet Modules For M340 Quantum And Premium PLC Ranges affected BMXP342020 Not specified
CNA Schneider Electric Ethernet Modules For M340 Quantum And Premium PLC Ranges affected BMXP342020H Not specified
CNA Schneider Electric Ethernet Modules For M340 Quantum And Premium PLC Ranges affected BMXP342030 Not specified
CNA Schneider Electric Ethernet Modules For M340 Quantum And Premium PLC Ranges affected BMXP3420302 Not specified
CNA Schneider Electric Ethernet Modules For M340 Quantum And Premium PLC Ranges affected BMXP3420302H Not specified
CNA Schneider Electric Ethernet Modules For M340 Quantum And Premium PLC Ranges affected BMXP342030H Not specified
CNA Schneider Electric Ethernet Modules For M340 Quantum And Premium PLC Ranges affected BMXPRMxxxx Not specified
CNA Schneider Electric Ethernet Modules For M340 Quantum And Premium PLC Ranges affected STBNIC2212 Not specified
CNA Schneider Electric Ethernet Modules For M340 Quantum And Premium PLC Ranges affected STBNIP2212 Not specified
CNA Schneider Electric Ethernet Modules For M340 Quantum And Premium PLC Ranges affected TSXETC0101 Not specified
CNA Schneider Electric Ethernet Modules For M340 Quantum And Premium PLC Ranges affected TSXETC100 Not specified
CNA Schneider Electric Ethernet Modules For M340 Quantum And Premium PLC Ranges affected TSXETY110WS Not specified
CNA Schneider Electric Ethernet Modules For M340 Quantum And Premium PLC Ranges affected TSXETY110WSC Not specified
CNA Schneider Electric Ethernet Modules For M340 Quantum And Premium PLC Ranges affected TSXETY4103 Not specified
CNA Schneider Electric Ethernet Modules For M340 Quantum And Premium PLC Ranges affected TSXETY4103C Not specified
CNA Schneider Electric Ethernet Modules For M340 Quantum And Premium PLC Ranges affected TSXETY5103 Not specified
CNA Schneider Electric Ethernet Modules For M340 Quantum And Premium PLC Ranges affected TSXETY5103C Not specified
CNA Schneider Electric Ethernet Modules For M340 Quantum And Premium PLC Ranges affected TSXETZ410 Not specified
CNA Schneider Electric Ethernet Modules For M340 Quantum And Premium PLC Ranges affected TSXETZ510 Not specified
CNA Schneider Electric Ethernet Modules For M340 Quantum And Premium PLC Ranges affected TSXNTP100 Not specified
CNA Schneider Electric Ethernet Modules For M340 Quantum And Premium PLC Ranges affected TSXP572623M Not specified
CNA Schneider Electric Ethernet Modules For M340 Quantum And Premium PLC Ranges affected TSXP572623MC Not specified
CNA Schneider Electric Ethernet Modules For M340 Quantum And Premium PLC Ranges affected TSXP572823M Not specified
CNA Schneider Electric Ethernet Modules For M340 Quantum And Premium PLC Ranges affected TSXP572823MC Not specified
CNA Schneider Electric Ethernet Modules For M340 Quantum And Premium PLC Ranges affected TSXP573623AM Not specified
CNA Schneider Electric Ethernet Modules For M340 Quantum And Premium PLC Ranges affected TSXP573623M Not specified
CNA Schneider Electric Ethernet Modules For M340 Quantum And Premium PLC Ranges affected TSXP573623MC Not specified
CNA Schneider Electric Ethernet Modules For M340 Quantum And Premium PLC Ranges affected TSXP574634M Not specified
CNA Schneider Electric Ethernet Modules For M340 Quantum And Premium PLC Ranges affected TSXP574823AM Not specified
CNA Schneider Electric Ethernet Modules For M340 Quantum And Premium PLC Ranges affected TSXP574823M Not specified
CNA Schneider Electric Ethernet Modules For M340 Quantum And Premium PLC Ranges affected TSXP574823MC Not specified
CNA Schneider Electric Ethernet Modules For M340 Quantum And Premium PLC Ranges affected TSXP575634M Not specified
CNA Schneider Electric Ethernet Modules For M340 Quantum And Premium PLC Ranges affected TSXP576634M Not specified
CNA Schneider Electric Ethernet Modules For M340 Quantum And Premium PLC Ranges affected TSXWMY100 Not specified
CNA Schneider Electric Ethernet Modules For M340 Quantum And Premium PLC Ranges affected TSXWMY100C Not specified
CNA Schneider Electric Ethernet Modules For M340 Quantum And Premium PLC Ranges affected TSXP571634M Not specified
CNA Schneider Electric Ethernet Modules For M340 Quantum And Premium PLC Ranges affected TSXP572634M Not specified
CNA Schneider Electric Ethernet Modules For M340 Quantum And Premium PLC Ranges affected TSXP573634M Not specified

References

ReferenceSourceLinkTags
SchneiderWEB Server Directory Traversal Vulnerability | ICS-CERT af854a3a-2127-422b-91ae-364da2661108 ics-cert.us-cert.gov Third Party Advisory, US Government Resource
download.schneider-electric.com/files af854a3a-2127-422b-91ae-364da2661108 download.schneider-electric.com Patch, Vendor Advisory
Multiple Schneider Electric Products CVE-2014-2732 Directory Traversal Vulnerability af854a3a-2127-422b-91ae-364da2661108 www.securityfocus.com Third Party Advisory, VDB Entry
www.cisa.gov/news-events/ics-advisories/icsa-14-273-01 [email protected] www.cisa.gov
download.schneider-electric.com/files [email protected] download.schneider-electric.com
CVE Program record CVE.ORG www.cve.org canonical
NVD vulnerability detail NVD nvd.nist.gov canonical, analysis

Vendor Comments And Credit

Discovery Credit

CNA: Billy Rios (en)

Additional Advisory Data

Solutions

CNA: Please see Schneider Electric’s vulnerability disclosure (SEVD-2014-260-01)Schneider Electric Vulnerability Disclosure – Modicon Ethernet Comm Modules - SEVD-2014-260-01 - http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2014-260-01 . for more detailed information on which product part numbers are affected, as well as the complete list of which devices have released firmware updates available. This vulnerability disclosure can be downloaded at the following URL:  http://www.schneider-electric.com/ww/en/download/

Workarounds

CNA: Search downloads for SEVD-14-260-01, then keyword SEVD-14-260-01 to download the vulnerability disclosure. This URL site can also be used to download firmware updates identified in the vulnerability disclosure. Schneider Electric also recommends the following measures to mitigate the vulnerability for the remaining affected devices: * Use a deep packet inspection firewall to prevent HTTP requests to the product that contains traversals in the URL. * Disable Port 80 (HTTP) on modules where it is possible. * Block Port 80 in firewalls to these devices, except for trusted devices. Please contact Schneider Electric Customer Care Center for more information.

© CVE.report 2026 |

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.

CVE, CWE, and OVAL are registred trademarks of The MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. This site includes MITRE data granted under the following license.

Free CVE JSON API cve.report/api

CVE.report and Source URL Uptime Status status.cve.report