Schneider Electric Modicon Multiple Authentication Bypass Vulnerabilities (CVE-2018-7811; CVE-2018-7810; CVE-2018-7809)

Multiple authentication bypass vulnerabilities exist in Schneider Electric Modicon. A remote, unauthenticated attacker can exploit this vulnerability by sending a crafted HTTP request to the affected page. Successful exploitation results in the attacker being able to change the password for arbitrary accounts.

You can read the full article here.