167 matches found
Design/Logic Flaw
In Phoenix Contact FL MGUARD 1102 and 1105 in Versions 1.4.0, 1.4.1 and 1.5.0 the remote logging functionality is impaired by the lack of memory release for data structures from syslog-ng when remote logging is active...
CVE-2021-34598 Phoenix Contact: FL MGUARD lack of memory release in remote logging functionality
In Phoenix Contact FL MGUARD 1102 and 1105 in Versions 1.4.0, 1.4.1 and 1.5.0 the remote logging functionality is impaired by the lack of memory release for data structures from syslog-ng when remote logging is active...
CVE-2021-34598
Phoenix Contact FL MGUARD 1102/1105 (firmware v1.4.0, 1.4.1, 1.5.0) has a vulnerability where remote logging is impaired due to failure to release memory for syslog-ng data structures when remote logging is active. The impact described aligns with partial availability degradation; exploitation de...
CVE-2021-34582
Phoenix Contact FL MGUARD 1102 and 1105 are affected in versions 1.4.0, 1.4.1, and 1.5.0. A user with high privileges can inject HTML code (XSS) through the web-based management interface or the REST API when a manipulated certificate file is used. The vulnerability stems from the handling of cer...
CVE-2021-34582 Phoenix Contact: FL MGUARD XSS through web-based management and REST API
In Phoenix Contact FL MGUARD 1102 and 1105 in Versions 1.4.0, 1.4.1 and 1.5.0 a user with high privileges can inject HTML code XSS through web-based management or the REST API with a manipulated certificate file...
Phoenix Contact Fl Mguard 1102 跨站脚本漏洞
The Phoenix Contact Fl Mguard 1102 is a security router from Phoenix Contact, Germany. It is used to protect industrial networks from attacks such as Ip spoofing, Denial of Service Dos and Syn flooding. A cross-site scripting vulnerability exists in the Phoenix Contact FL MGUARD 1102 and 1105,...
Phoenix Contact Fl Mguard 1102 安全漏洞
The Phoenix Contact Fl Mguard 1102 is a security router from Phoenix Contact, Germany. It is used to protect industrial networks from attacks such as Ip Spoofing, Denial of Service Dos and Syn flooding. A security vulnerability exists in the Phoenix Contact FL MGUARD 1102 and 1105 that stems from...
Unspecified Vulnerability in Phoenix Contact mGuard Devices
Phoenix Contact Mguard is a firewall device for industrial environments from Phoenix Contac. The device features multiple protection modes, deep packet inspection, malware and virus detection. A security vulnerability exists in Phoenix Contact mGuard Devices, which stems from the fact that for...
CVE-2020-12523
On Phoenix Contact mGuard Devices versions before 8.8.3 LAN ports get functional after reboot even if they are disabled in the device configuration. For mGuard devices with integrated switch on the LAN side, single switch ports can be disabled by device configuration. After a reboot these ports g...
Design/Logic Flaw
On Phoenix Contact mGuard Devices versions before 8.8.3 LAN ports get functional after reboot even if they are disabled in the device configuration. For mGuard devices with integrated switch on the LAN side, single switch ports can be disabled by device configuration. After a reboot these ports g...
CVE-2020-12523
Affected product: Phoenix Contact mGuard Devices (versions before 8.8.3) with LAN ports or an integrated LAN switch. Root cause: On reboot, the device exhibits Missing Initialization of Resource, causing LAN ports that were disabled by configuration to become functional again. In devices with an ...
CVE-2020-12523 Phoenix Contact mGuard Devices versions before 8.8.3: LAN ports get functional after reboot even if they are disabled in the device configuration
On Phoenix Contact mGuard Devices versions before 8.8.3 LAN ports get functional after reboot even if they are disabled in the device configuration. For mGuard devices with integrated switch on the LAN side, single switch ports can be disabled by device configuration. After a reboot these ports g...
Phoenix Contact mGuard Devices 安全漏洞
Phoenix Contact Mguard is a firewall device for industrial environments from Phoenix Contac. The device features multiple protection modes, deep packet inspection, malware and virus detection. A security vulnerability exists in Phoenix Contact mGuard Devices, which stems from the fact that for...
Phoenix Contact mGuard Device Manager Detection (Windows SMB Login)
SMB login-based detection of Phoenix Contact mGuard Device Manager. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
PHOENIX CONTACT mGuard Unauthorized Modification Vulnerability
Phoenix Contact mGuard is a security device from Phoenix Contact that protects systems from unauthorized access and installation. An unauthorized modification vulnerability exists in the PHOENIX CONTACT mGuard. The mGuard device relies on an internal verification of the integrity of the update...
CVE-2018-5441
An Improper Validation of Integrity Check Value issue was discovered in PHOENIX CONTACT mGuard firmware versions 7.2 to 8.6.0. mGuard devices rely on internal checksums for verification of the internal integrity of the update packages. Verification may not always be performed correctly, allowing ...
Input validation
An Improper Validation of Integrity Check Value issue was discovered in PHOENIX CONTACT mGuard firmware versions 7.2 to 8.6.0. mGuard devices rely on internal checksums for verification of the internal integrity of the update packages. Verification may not always be performed correctly, allowing ...
CVE-2018-5441
An Improper Validation of Integrity Check Value issue was discovered in PHOENIX CONTACT mGuard firmware versions 7.2 to 8.6.0. mGuard devices rely on internal checksums for verification of the internal integrity of the update packages. Verification may not always be performed correctly, allowing ...
CVE-2018-5441
The CVE-2018-5441 issue affects PHOENIX CONTACT mGuard devices running firmware 7.2–8.6.0. Root cause: improper validation of the internal integrity check value during verification of update packages, enabling modification of firmware updates. Impact: attacker could modify firmware packages, with...
PHOENIX CONTACT mGuard
CVSS v3 7.8 ATTENTION: Low skill level to exploit. Vendor: PHOENIX CONTACT Equipment: mGuard Vulnerability: Improper Validation of Integrity Check Value AFFECTED PRODUCTS The following versions of mGuard, a network device, are affected: mGuard firmware versions 7.2 to 8.6.0 IMPACT Successful...