CVE-2018-7849 PoC — 多款Schneider Electric产品输入验证错误漏洞

Source

https://github.com/yanissec/CVE-2018-7849

Associated Vulnerability

Title:多款Schneider Electric产品输入验证错误漏洞 (CVE-2018-7849)
Description:Schneider Electric Modicon M580等都是法国施耐德电气（Schneider Electric）公司的产品。Schneider Electric Modicon M580是一款可编程自动化控制器。Schneider Electric Modicon Premium是一款用于离散或过程应用的大型可编程逻辑控制器（PLC）。Schneider Electric Modicon Quantum是一款用于过程应用、高可用性和安全解决方案的大型可编程逻辑控制器（PLC）。多款Schnei

Description

CVE-2018-7849

Readme

# CVE-2018-7849

### Affected Products

* **Schneider Electric Modicon M580** Version < 2.90

* **Schneider Electric Modicon M340** Version < 3.10

* **Schneider Electric Modicon Premium** All Versions

* **Schneider Electric Modicon Quantum** All Versions

### References

* [https://www.se.com/ww/en/download/document/SEVD-2019-134-11/](https://www.se.com/ww/en/download/document/SEVD-2019-134-11/)

* [https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0737](https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0737)

# Usage

```
python CVE-2018-7849.py --host 192.168.1.123
```

File Snapshot


 [4.0K]  /data/pocs/37de199afc8fc76aa00723cb581fc6df66d73cf2
├── [2.3K]  CVE-2018-7849.py
├── [ 67K]  PLC.apx
└── [ 613]  README.md

0 directories, 3 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!