CVE-2020-7500
Summary
| CVE | CVE-2020-7500 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2020-06-16 20:15:00 UTC |
| Updated | 2022-01-31 20:07:00 UTC |
| Description | A CWE-89:Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability exists in U.motion Servers and Touch Panels (affected versions listed in the security notification) which could cause arbitrary code to be executed when a malicious command is entered. |
Risk And Classification
Problem Types: CWE-89
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Hardware | Schneider-electric | Mtn6260-0310 | - | All | All | All |
| Operating System | Schneider-electric | Mtn6260-0310 Firmware | All | All | All | All |
| Hardware | Schneider-electric | Mtn6260-0315 | - | All | All | All |
| Operating System | Schneider-electric | Mtn6260-0315 Firmware | All | All | All | All |
| Hardware | Schneider-electric | Mtn6260-0410 | - | All | All | All |
| Operating System | Schneider-electric | Mtn6260-0410 Firmware | All | All | All | All |
| Hardware | Schneider-electric | Mtn6260-0415 | - | All | All | All |
| Operating System | Schneider-electric | Mtn6260-0415 Firmware | All | All | All | All |
| Hardware | Schneider-electric | Mtn6501-0001 | - | All | All | All |
| Operating System | Schneider-electric | Mtn6501-0001 Firmware | All | All | All | All |
| Hardware | Schneider-electric | Mtn6501-0002 | - | All | All | All |
| Operating System | Schneider-electric | Mtn6501-0002 Firmware | All | All | All | All |
| Hardware | Se | Mtn6260-0310 | - | All | All | All |
| Hardware | Se | Mtn6260-0310 | - | All | All | All |
| Operating System | Se | Mtn6260-0310 Firmware | All | All | All | All |
| Operating System | Se | Mtn6260-0310 Firmware | All | All | All | All |
| Hardware | Se | Mtn6260-0315 | - | All | All | All |
| Hardware | Se | Mtn6260-0315 | - | All | All | All |
| Operating System | Se | Mtn6260-0315 Firmware | All | All | All | All |
| Operating System | Se | Mtn6260-0315 Firmware | All | All | All | All |
| Hardware | Se | Mtn6260-0410 | - | All | All | All |
| Hardware | Se | Mtn6260-0410 | - | All | All | All |
| Operating System | Se | Mtn6260-0410 Firmware | All | All | All | All |
| Operating System | Se | Mtn6260-0410 Firmware | All | All | All | All |
| Hardware | Se | Mtn6260-0415 | - | All | All | All |
| Hardware | Se | Mtn6260-0415 | - | All | All | All |
| Operating System | Se | Mtn6260-0415 Firmware | All | All | All | All |
| Operating System | Se | Mtn6260-0415 Firmware | All | All | All | All |
| Hardware | Se | Mtn6501-0001 | - | All | All | All |
| Hardware | Se | Mtn6501-0001 | - | All | All | All |
| Operating System | Se | Mtn6501-0001 Firmware | All | All | All | All |
| Operating System | Se | Mtn6501-0001 Firmware | All | All | All | All |
| Hardware | Se | Mtn6501-0002 | - | All | All | All |
| Hardware | Se | Mtn6501-0002 | - | All | All | All |
| Operating System | Se | Mtn6501-0002 Firmware | All | All | All | All |
| Operating System | Se | Mtn6501-0002 Firmware | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Security Notification - U.motion Servers and Touch Panels V1.1 | Schneider Electric | MISC | www.se.com | Vendor Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 590848 Schneider Electric U motion Servers and Touch Panels Multiple Vulnerabilities (SEVD-2020-133-03)