2 matches found
CVE-2024-6788
CVE-2024-6788 affects Phoenix Contact CHARX SEC family (CHARX SEC-3000/3050/3100/3150). A remote unauthenticated attacker can abuse the LAN firmware-update feature to reset the low-privilege user “user-app” password to the default. Root cause is described as insecure default resource initializati...
CVE-2024-6788 Phoenix Contact: update feature from CHARX controller can be used to reset a low privilege user password
A remote unauthenticated attacker can use the firmware update feature on the LAN interface of the device to reset the password for the predefined, low-privileged user “user-app” to the default password...