Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Schneider-electric Subscribe
Filtered by product Easergy T300 Firmware
Total 24 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-7504 1 Schneider-electric 2 Easergy T300, Easergy T300 Firmware 2020-06-17 5.0 MEDIUM 5.3 MEDIUM
A CWE-20: Improper Input Validation vulnerability exists in Easergy T300 (Firmware version 1.5.2 and older) which could allow an attacker to disable the webserver service on the device when specially crafted network packets are sent.
CVE-2020-7513 1 Schneider-electric 2 Easergy T300, Easergy T300 Firmware 2020-06-17 5.0 MEDIUM 7.5 HIGH
A CWE-312: Cleartext Storage of Sensitive Information vulnerability exists in Easergy T300 (Firmware version 1.5.2 and older) which could allow an attacker to intercept traffic and read configuration data.
CVE-2020-7507 1 Schneider-electric 2 Easergy T300, Easergy T300 Firmware 2020-06-17 5.0 MEDIUM 7.5 HIGH
A CWE-400: Uncontrolled Resource Consumption vulnerability exists in Easergy T300 (Firmware version 1.5.2 and older) which could allow an attacker to login multiple times resulting in a denial of service.
CVE-2020-7503 1 Schneider-electric 2 Easergy T300, Easergy T300 Firmware 2020-06-17 6.8 MEDIUM 8.8 HIGH
A CWE-352: Cross-Site Request Forgery (CSRF) vulnerability exists in Easergy T300 (Firmware version 1.5.2 and older) which could allow an attacker to execute malicious commands on behalf of a legitimate user when xsrf-token data is intercepted.