28 matches found
PHOENIX CONTACT FL SWITCH 跨站脚本漏洞
PHOENIX CONTACT FL SWITCH is an industrial grade Ethernet switch from PHOENIX CONTACT, Germany. A cross-site scripting vulnerability exists in PHOENIX CONTACT FL SWITCH versions prior to 3.50, which can be exploited by an unauthenticated, remote attacker to trick an authenticated user into clicki...
Phoenix Contact FL SWITCH 跨站脚本漏洞
The PHOENIX CONTACT FL SWITCH is an industrial grade Ethernet switch from PHOENIX CONTACT, Germany. A cross-site scripting vulnerability exists in Phoenix Contact FL SWITCH versions prior to 3.50, which originates from improper input neutralization during web page generation...
Phoenix Contact FL SWITCH 跨站脚本漏洞
The PHOENIX CONTACT FL SWITCH is an industrial grade Ethernet switch from PHOENIX CONTACT, Germany. A cross-site scripting vulnerability exists in Phoenix Contact FL SWITCH versions prior to 3.50, which originates from a cross-site scripting attack that could result in modification of device...
EUVD-2018-5925
Malware in sbrugna...
EUVD-2018-5924
Malware in sbrugna...
EUVD-2021-8414
Malicious code in bioql PyPI...
CVE-2023-2673
Improper Input Validation vulnerability in PHOENIX CONTACT FL/TC MGUARD Family in multiple versions may allow UDP packets to bypass the filter rules and access the solely connected device behind the MGUARD which can be used for flooding attacks...
Input validation
Improper Input Validation vulnerability in PHOENIX CONTACT FL/TC MGUARD Family in multiple versions may allow UDP packets to bypass the filter rules and access the solely connected device behind the MGUARD which can be used for flooding attacks...
CVE-2021-34598
In Phoenix Contact FL MGUARD 1102 and 1105 in Versions 1.4.0, 1.4.1 and 1.5.0 the remote logging functionality is impaired by the lack of memory release for data structures from syslog-ng when remote logging is active...
CVE-2021-34582
In Phoenix Contact FL MGUARD 1102 and 1105 in Versions 1.4.0, 1.4.1 and 1.5.0 a user with high privileges can inject HTML code XSS through web-based management or the REST API with a manipulated certificate file...
Design/Logic Flaw
In Phoenix Contact FL MGUARD 1102 and 1105 in Versions 1.4.0, 1.4.1 and 1.5.0 the remote logging functionality is impaired by the lack of memory release for data structures from syslog-ng when remote logging is active...
CVE-2021-21002
In Phoenix Contact FL COMSERVER UNI in versions 2.40 a invalid Modbus exception response can lead to a temporary denial of service...
Cross site request forgery (csrf)
The WebUI of PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versions 1.0 to 1.34 is prone to CSRF...
CVE-2018-13991
The WebUI of PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versions 1.0 to 1.34 leaks private information in firmware images...
CVE-2018-13993
The WebUI of PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versions 1.0 to 1.34 is prone to CSRF...
CVE-2018-13991
The WebUI of PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versions 1.0 to 1.34 leaks private information in firmware images...
Design/Logic Flaw
The WebUI of PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versions prior to 1.35 is vulnerable to brute-force attacks, because of Improper Restriction of Excessive Authentication Attempts...
CVE-2018-13990
The WebUI of PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versions prior to 1.35 is vulnerable to brute-force attacks, because of Improper Restriction of Excessive Authentication Attempts...
Session fixation
An issue was discovered on PHOENIX CONTACT FL NAT SMCS 8TX, FL NAT SMN 8TX, FL NAT SMN 8TX-M, and FL NAT SMN 8TX-M-DMG devices. There is unauthorized access to the WEB-UI by attackers arriving from the same source IP address as an authenticated user, because this IP address is used as a session...
PHOENIX CONTACT FL VIEW Detection (Windows SMB Login)
SMB login-based detection of PHOENIX CONTACT FL VIEW. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...