13 matches found
CVE-2018-25112 PHOENIX CONTACT: ILC 1x1 ETH Denial of Service
An unauthenticated remote attacker may use an uncontrolled resource consumption in the IEC 61131 program of the affected products by creating large amounts of network traffic that needs to be handled by the ILC. This results in a Denial-of-Service of the device...
PHOENIX CONTACT ILC 安全漏洞
The PHOENIX CONTACT ILC is a series of programmable controllers from PHOENIX CONTACT, Germany. A security vulnerability exists in the PHOENIX CONTACT ILC that stems from an uncontrolled resource consumption issue in the IEC 61131 program that could lead to a denial of service attack...
Phoenix Contact ILC PLCs Improper Authentication (CVE-2016-8371)
The web server in Phoenix Contact ILC PLCs can be accessed without authenticating even if the authentication mechanism is enabled. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc...
Phoenix Contact ILC PLCs Cleartext Storage of Sensitive Information (CVE-2016-8366)
Webvisit in Phoenix Contact ILC PLCs offers a password macro to protect HMI pages on the PLC against casual or coincidental opening of HMI pages by the user. The password macro can be configured in a way that the password is stored and transferred in clear text. This plugin only works with...
Phoenix Contact ILC PLCs Improper Authentication (CVE-2016-8371)
The web server in Phoenix Contact ILC PLCs can be accessed without authenticating even if the authentication mechanism is enabled. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc...
Default credentials
Webvisit in Phoenix Contact ILC PLCs offers a password macro to protect HMI pages on the PLC against casual or coincidental opening of HMI pages by the user. The password macro can be configured in a way that the password is stored and transferred in clear text...
Authentication flaw
The web server in Phoenix Contact ILC PLCs allows access to read and write PLC variables without authentication...
CVE-2016-8366
Webvisit in Phoenix Contact ILC PLCs offers a password macro to protect HMI pages on the PLC against casual or coincidental opening of HMI pages by the user. The password macro can be configured in a way that the password is stored and transferred in clear text...
CVE-2016-8371
The web server in Phoenix Contact ILC PLCs can be accessed without authenticating even if the authentication mechanism is enabled...
CVE-2016-8380
The web server in Phoenix Contact ILC PLCs allows access to read and write PLC variables without authentication...
CVE-2016-8371
The web server in Phoenix Contact ILC PLCs can be accessed without authenticating even if the authentication mechanism is enabled...
CVE-2016-8366
Webvisit in Phoenix Contact ILC PLCs offers a password macro to protect HMI pages on the PLC against casual or coincidental opening of HMI pages by the user. The password macro can be configured in a way that the password is stored and transferred in clear text...
CVE-2016-8380
The web server in Phoenix Contact ILC PLCs allows access to read and write PLC variables without authentication...