HTTP Response Splitting Vulnerability in Modicon M340, Premium, Quantum PLCs and BMXNOR0200

HTTP Response Splitting Vulnerability in Modicon M340, Premium, Quantum PLCs and BMXNOR0200

CVE-2018-7830 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:N/A:P

Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Response Splitting') vulnerability exists in the embedded web servers in all Modicon M340, Premium, Quantum PLCs and BMXNOR0200 where a denial of service can occur for ~1 minute by sending a specially crafted HTTP request.

Learn more about our Web App Pen Testing.