Phoenix Contact ILC PLCs Improper Authentication (CVE-2016-8380)

The web server in Phoenix Contact ILC PLCs allows access to read and write PLC variables without authentication. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if...

Phoenix Contact ILC PLCs Improper Authentication (CVE-2016-8371)

The web server in Phoenix Contact ILC PLCs can be accessed without authenticating even if the authentication mechanism is enabled. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc...

Phoenix Contact ILC PLCs Denial of Service (CVE-2021-33541)

Phoenix Contact Classic Line Controllers ILC1x0 and ILC1x1 in all versions/variants are affected by a Denial-of-Service vulnerability. The communication protocols and device access do not feature authentication measures. Remote attackers can use specially crafted IP packets to cause a denial of...

Phoenix Contact ILC PLCs Cleartext Storage of Sensitive Information (CVE-2016-8366)

Webvisit in Phoenix Contact ILC PLCs offers a password macro to protect HMI pages on the PLC against casual or coincidental opening of HMI pages by the user. The password macro can be configured in a way that the password is stored and transferred in clear text. This plugin only works with...

Phoenix Contact ILC PLCs Improper Authentication (CVE-2016-8371)

The web server in Phoenix Contact ILC PLCs can be accessed without authenticating even if the authentication mechanism is enabled. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc...

Phoenix Contact ILC PLCs Denial of Service (CVE-2021-33541)

Phoenix Contact Classic Line Controllers ILC1x0 and ILC1x1 in all versions/variants are affected by a Denial-of-Service vulnerability. The communication protocols and device access do not feature authentication measures. Remote attackers can use specially crafted IP packets to cause a denial of...

Phoenix Contact ILC PLCs Improper Authentication (CVE-2016-8380)

The web server in Phoenix Contact ILC PLCs allows access to read and write PLC variables without authentication. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if...

CVE-2016-8380

The web server in Phoenix Contact ILC PLCs allows access to read and write PLC variables without authentication...

CVE-2016-8371

The web server in Phoenix Contact ILC PLCs can be accessed without authenticating even if the authentication mechanism is enabled...

Authentication flaw

The web server in Phoenix Contact ILC PLCs allows access to read and write PLC variables without authentication...

CVE-2016-8366

Webvisit in Phoenix Contact ILC PLCs offers a password macro to protect HMI pages on the PLC against casual or coincidental opening of HMI pages by the user. The password macro can be configured in a way that the password is stored and transferred in clear text...

CVE-2016-8366

Webvisit in Phoenix Contact ILC PLCs offers a password macro to protect HMI pages on the PLC against casual or coincidental opening of HMI pages by the user. The password macro can be configured in a way that the password is stored and transferred in clear text...

CVE-2016-8366

CVE-2016-8366 affects Phoenix Contact ILC PLCs with WebVisit. The vulnerability arises from a password macro where credentials can be stored and transferred in clear text, enabling potential exposure of user passwords via the HMI protection mechanism. Connected documents confirm the issue is tied...

CVE-2016-8380

CVE-2016-8380 affects Phoenix Contact ILC PLCs. The web server exposes read and write access to PLC variables without authentication, constituting an improper authentication vulnerability. The impact is unauthorized access to PLC data and potential manipulation of tag values, as corroborated by m...

CVE-2016-8380

The web server in Phoenix Contact ILC PLCs allows access to read and write PLC variables without authentication...

CVE-2016-8371

The web server in Phoenix Contact ILC PLCs can be accessed without authenticating even if the authentication mechanism is enabled...