CVE-2024-35294

An unauthenticated remote attacker may use the devices traffic capture without authentication to grab plaintext administrative credentials.

More information : https://www.schneider-elektronik.de/wp-content/uploads/2024/07/SAR-202405-2.pdf