Remote Change of IPv4 Configuration Vulnerability in Modicon M221

Remote Change of IPv4 Configuration Vulnerability in Modicon M221

CVE-2018-7798 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:L

A Insufficient Verification of Data Authenticity (CWE-345) vulnerability exists in the Modicon M221, all versions, which could cause a change of IPv4 configuration (IP address, mask and gateway) when remotely connected to the device.

Learn more about our Web Application Penetration Testing UK.