CVE-2019-6840
N/A
N/A
Summary
A Format String: CWE-134 vulnerability exists in U.motion Server (MEG6501-0001 - U.motion KNX server, MEG6501-0002 - U.motion KNX Server Plus, MEG6260-0410 - U.motion KNX Server Plus, Touch 10, MEG6260-0415 - U.motion KNX Server Plus, Touch 15), which could allow an attacker to send a crafted message to the target server, thereby causing arbitrary commands to be executed.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Schneider Electric SE | U.motion Server | MEG6501-0001 - U.motion KNX server | affected |
| Schneider Electric SE | U.motion Server | MEG6501-0002 - U.motion KNX Server Plus | affected |
| Schneider Electric SE | U.motion Server | MEG6260-0410 - U.motion KNX Server Plus | affected |
| Schneider Electric SE | U.motion Server | Touch 10 | affected |
| Schneider Electric SE | U.motion Server | MEG6260-0415 - U.motion KNX Server Plus | affected |
| Schneider Electric SE | U.motion Server | Touch 15 | affected |
Weaknesses
- CWE-134: Format String: CWE-134
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.