4 matches found
CVE-2024-25994
An unauthenticated remote attacker can upload a arbitrary script file due to improper input validation. The upload destination is fixed and is write only...
CVE-2024-25994
creationtimestamp| type| source ---|---|--- 2024-03-12 10:26:36+00:00| seen| https://t.me/ctinow/205475 2025-01-24 07:04:06+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/2876...
CVE-2024-25994
CVE-2024-25994 affects Phoenix Contact CHARX SEC devices (CHARX SEC-3100, and related SEC series). The CharxUpdateAgent service listens on TCP port 9999 and fails to validate user-supplied data, enabling an unauthenticated attacker to upload arbitrary script files to a fixed write-only location. ...
CVE-2024-25994 PHOENIX CONTACT: Unintended script file upload in CHARX Series
An unauthenticated remote attacker can upload a arbitrary script file due to improper input validation. The upload destination is fixed and is write only...