167 matches found
CVE-2024-43387 Phoenix Contact: Access files due to improper neutralization of special elements in MGUARD devices
A low privileged remote attacker can read and write files as root due to improper neutralization of special elements in the variable EMAILRELAYPASSWORD in mGuard devices...
CVE-2024-43387 Phoenix Contact: Access files due to improper neutralization of special elements in MGUARD devices
A low privileged remote attacker can read and write files as root due to improper neutralization of special elements in the variable EMAILRELAYPASSWORD in mGuard devices...
CVE-2024-43387
CVE-2024-43387 affects PHOENIX CONTACT FL/TC MGUARD devices. A low-privilege remote attacker can read and write files as root due to improper neutralization of special elements in the EMAIL_RELAY_PASSWORD variable. Impact is high (remote, network access; confidentiality, integrity, and availabili...
CVE-2024-43386 Phoenix Contact: OS command execution through EMAIL_NOTIFICATION.TO in mGuard devices.
A low privileged remote attacker can trigger the execution of arbitrary OS commands as root due to improper neutralization of special elements in the variable EMAILNOTIFICATION.TO in mGuard devices...
CVE-2024-43386 Phoenix Contact: OS command execution through EMAIL_NOTIFICATION.TO in mGuard devices.
A low privileged remote attacker can trigger the execution of arbitrary OS commands as root due to improper neutralization of special elements in the variable EMAILNOTIFICATION.TO in mGuard devices...
CVE-2024-43385 Phoenix Contact: OS command execution through PROXY_HTTP_PORT in mGuard devices
A low privileged remote attacker can trigger the execution of arbitrary OS commands as root due to improper neutralization of special elements in the variable PROXYHTTPPORT in mGuard devices...
CVE-2024-43385
CVE-2024-43385 affects PHOENIX CONTACT mGuard devices. The vulnerability stems from improper neutralization of a special element in the PROXY_HTTP_PORT variable, enabling a low-privileged remote attacker to trigger arbitrary OS command execution as root. Documents identify the affected component ...
CVE-2024-43385 Phoenix Contact: OS command execution through PROXY_HTTP_PORT in mGuard devices
A low privileged remote attacker can trigger the execution of arbitrary OS commands as root due to improper neutralization of special elements in the variable PROXYHTTPPORT in mGuard devices...
CVE-2024-7699 Phoenix Contact: OS command execution in MGUARD products
An low privileged remote attacker can execute OS commands with root privileges due to improper neutralization of special elements in user data...
CVE-2024-7699 Phoenix Contact: OS command execution in MGUARD products
An low privileged remote attacker can execute OS commands with root privileges due to improper neutralization of special elements in user data...
CVE-2024-7698 Phoenix Contact: Access to CSRF tokens of higher privileged users in MGUARD products
A low privileged remote attacker can get access to CSRF tokens of higher privileged users which can be abused to mount CSRF attacks...
CVE-2024-7698 Phoenix Contact: Access to CSRF tokens of higher privileged users in MGUARD products
A low privileged remote attacker can get access to CSRF tokens of higher privileged users which can be abused to mount CSRF attacks...
CVE-2024-7734 Phoenix Contact: Multiple mGuard devices are vulnerable to a drain of open file descriptors.
An unauthenticated remote attacker can exploit the behavior of the pathfinder TCP encapsulation service by establishing a high number of TCP connections to the pathfinder TCP encapsulation service. The impact is limited to blocking of valid IPsec VPN peers...
CVE-2024-7734 Phoenix Contact: Multiple mGuard devices are vulnerable to a drain of open file descriptors.
An unauthenticated remote attacker can exploit the behavior of the pathfinder TCP encapsulation service by establishing a high number of TCP connections to the pathfinder TCP encapsulation service. The impact is limited to blocking of valid IPsec VPN peers...
PHOENIX CONTACT FL MGUARD 安全漏洞
The PHOENIX CONTACT FL MGUARD is a series of routers from PHOENIX CONTACT, Germany. A security vulnerability exists in Phoenix Contact FL MGUARD versions prior to 2102 10.4.1 that originates from the behavior of an unauthenticated, remote attacker who can exploit the pathfinder TCP encapsulation...
PHOENIX CONTACT FL/TC MGUARD 操作系统命令注入漏洞
The PHOENIX CONTACT FL/TC MGUARD is a series of routers from PHOENIX CONTACT, Germany. An operating system command injection vulnerability exists in the PHOENIX CONTACT FL/TC MGUARD, which originates from an incorrect neutralization of a special element in the variable PROXYHTTPPORT in the mGuard...
PT-2024-30549
Name of the Vulnerable Software and Affected Versions No specific software or versions are mentioned in the provided descriptions. Description A low privileged remote attacker can perform configuration changes of the ospf service through OSPF INTERFACE.SIMPLE KEY and OSPF INTERFACE.DIGEST KEY...
PHOENIX CONTACT FL/TC MGUARD 代码注入漏洞
The PHOENIX CONTACT FL/TC MGUARD is a series of routers from PHOENIX CONTACT, Germany. A code injection vulnerability exists in the PHOENIX CONTACT FL/TC MGUARD that originates from improper input validation, which allows a low-privileged remote attacker with write access to reconfigure the SNMP...
PHOENIX CONTACT FL/TC MGUARD 代码注入漏洞
The PHOENIX CONTACT FL/TC MGUARD is a series of routers from PHOENIX CONTACT, Germany. A code injection vulnerability exists in the PHOENIX CONTACT FL/TC MGUARD. A low-privileged remote attacker can execute configuration changes to the ospf service via the OSPFINTERFACE.SIMPLEKEY,...
PHOENIX CONTACT FL/TC MGUARD 代码注入漏洞
The PHOENIX CONTACT FL/TC MGUARD is a series of routers from PHOENIX CONTACT, Germany. A code injection vulnerability exists in the PHOENIX CONTACT FL/TC MGUARD. A low-privileged remote attacker can make configuration changes to firewall services, including packet forwarding or NAT via the...