167 matches found
The vulnerability of the ApacheMDM service in the centralized control system for industrial routers and network gateways of FL MGUARD DM allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the ApacheMDM service in the centralized management system for industrial routers and network switches of FL MGUARD DM is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to...
CVE-2022-3480
A remote, unauthenticated attacker could cause a denial-of-service of PHOENIX CONTACT FL MGUARD and TC MGUARD devices below version 8.9.0 by sending a larger number of unauthenticated HTTPS connections originating from different source IP’s. Configuring firewall limits for incoming connections...
CVE-2022-3480
A remote, unauthenticated attacker could cause a denial-of-service of PHOENIX CONTACT FL MGUARD and TC MGUARD devices below version 8.9.0 by sending a larger number of unauthenticated HTTPS connections originating from different source IP’s. Configuring firewall limits for incoming connections...
CVE-2022-3480
PHOENIX CONTACT FL MGUARD and TC MGUARD devices with firmware versions prior to 8.9.0 are vulnerable to a DoS caused by a flood of unauthenticated HTTPS connections from multiple source IPs. The issue is exploitable remotely and unauthenticated; firewall connection limits do not prevent it. A fix...
CVE-2022-3480 Denial-of-Service vulnerability in PHOENIX CONTACT mGuard product family
A remote, unauthenticated attacker could cause a denial-of-service of PHOENIX CONTACT FL MGUARD and TC MGUARD devices below version 8.9.0 by sending a larger number of unauthenticated HTTPS connections originating from different source IP’s. Configuring firewall limits for incoming connections...
CVE-2022-3480 Denial-of-Service vulnerability in PHOENIX CONTACT mGuard product family
A remote, unauthenticated attacker could cause a denial-of-service of PHOENIX CONTACT FL MGUARD and TC MGUARD devices below version 8.9.0 by sending a larger number of unauthenticated HTTPS connections originating from different source IP’s. Configuring firewall limits for incoming connections...
Phoenix Contact FL MGUARD DM 安全漏洞
PHOENIX CONTACT FL MGUARD DM is centralized device management software for MGUARD devices from PHOENIX CONTACT, Germany, for any number of devices in the field. A security vulnerability exists in the PHOENIX CONTACT FL MGUARD and TC MGUARD driver version 8.9.0 and prior versions, which originates...
CVE-2021-34579
In Phoenix Contact: FL MGUARD DM version 1.12.0 and 1.13.0 access to the Apache web server being installed as part of the FL MGUARD DM on Microsoft Windows does not require login credentials even if configured during installation.Attackers with network access to the Apache web server can download...
CVE-2021-34579
In Phoenix Contact: FL MGUARD DM version 1.12.0 and 1.13.0 access to the Apache web server being installed as part of the FL MGUARD DM on Microsoft Windows does not require login credentials even if configured during installation.Attackers with network access to the Apache web server can download...
Code injection
In Phoenix Contact: FL MGUARD DM version 1.12.0 and 1.13.0 access to the Apache web server being installed as part of the FL MGUARD DM on Microsoft Windows does not require login credentials even if configured during installation.Attackers with network access to the Apache web server can download...
CVE-2021-34579
Phoenix Contact FL MGUARD DM versions 1.12.0 and 1.13.0 expose an Apache web server on Windows without required login, allowing network attackers to download ATV profiles containing sensitive data (e.g., IPsec private keys). The root cause is insufficient access control for the web server embedde...
CVE-2021-34579 PHOENIX CONTACT: FL MGUARD DM version 1.12.0 and 1.13.0 Improper Privilege Management
In Phoenix Contact: FL MGUARD DM version 1.12.0 and 1.13.0 access to the Apache web server being installed as part of the FL MGUARD DM on Microsoft Windows does not require login credentials even if configured during installation.Attackers with network access to the Apache web server can download...
CVE-2021-34579 PHOENIX CONTACT: FL MGUARD DM version 1.12.0 and 1.13.0 Improper Privilege Management
In Phoenix Contact: FL MGUARD DM version 1.12.0 and 1.13.0 access to the Apache web server being installed as part of the FL MGUARD DM on Microsoft Windows does not require login credentials even if configured during installation.Attackers with network access to the Apache web server can download...
Phoenix Contact FL MGUARD DM 安全漏洞
Phoenix Contact FL MGUARD DM is centralized device management software for MGUARD devices from Phoenix Contact, Germany, for any number of devices in the field. A security vulnerability exists in Phoenix Contact FL MGUARD DM versions 1.12.0 and 1.13.0 that stems from the fact that login credentia...
PT-2022-6062 · Phoenix Contact · Fl Mguard +1
Name of the Vulnerable Software and Affected Versions: PHOENIX CONTACT FL MGUARD and TC MGUARD versions prior to 8.9.0 Description: The issue is related to unlimited resource distribution in the management interface of PHOENIX CONTACT FL MGUARD and TC MGUARD devices. A remote, unauthenticated...
CVE-2021-34598
In Phoenix Contact FL MGUARD 1102 and 1105 in Versions 1.4.0, 1.4.1 and 1.5.0 the remote logging functionality is impaired by the lack of memory release for data structures from syslog-ng when remote logging is active...
CVE-2021-34598
In Phoenix Contact FL MGUARD 1102 and 1105 in Versions 1.4.0, 1.4.1 and 1.5.0 the remote logging functionality is impaired by the lack of memory release for data structures from syslog-ng when remote logging is active...
CVE-2021-34582
In Phoenix Contact FL MGUARD 1102 and 1105 in Versions 1.4.0, 1.4.1 and 1.5.0 a user with high privileges can inject HTML code XSS through web-based management or the REST API with a manipulated certificate file...
CVE-2021-34582
In Phoenix Contact FL MGUARD 1102 and 1105 in Versions 1.4.0, 1.4.1 and 1.5.0 a user with high privileges can inject HTML code XSS through web-based management or the REST API with a manipulated certificate file...
Code injection
In Phoenix Contact FL MGUARD 1102 and 1105 in Versions 1.4.0, 1.4.1 and 1.5.0 a user with high privileges can inject HTML code XSS through web-based management or the REST API with a manipulated certificate file...