2 matches found
CVE-2024-43386 Phoenix Contact: OS command execution through EMAIL_NOTIFICATION.TO in mGuard devices.
A low privileged remote attacker can trigger the execution of arbitrary OS commands as root due to improper neutralization of special elements in the variable EMAILNOTIFICATION.TO in mGuard devices...
CVE-2024-43386
CVE-2024-43386 affects Phoenix Contact mGuard devices (including FL/TC MGUARD) where a low-privileged remote attacker can trigger OS command execution as root via improper neutralization of elements in the EMAIL_NOTIFICATION.TO variable. The issue is rooted in input handling of that field, enabli...