33 matches found
EUVD-2020-4825
Malware in sbrugna...
EUVD-2024-40258
Malicious code in bioql PyPI...
CVE-2024-43387
A low privileged remote attacker can read and write files as root due to improper neutralization of special elements in the variable EMAILRELAYPASSWORD in mGuard devices...
CVE-2024-43387
A low privileged remote attacker can read and write files as root due to improper neutralization of special elements in the variable EMAILRELAYPASSWORD in mGuard devices...
CVE-2024-43385
A low privileged remote attacker can trigger the execution of arbitrary OS commands as root due to improper neutralization of special elements in the variable PROXYHTTPPORT in mGuard devices...
CVE-2024-43393 Phoenix Contact: Configuration changes of the firewall services can lead to DoS in MGUARD devices
A low privileged remote attacker can perform configuration changes of the firewall services, including packet filter, packet forwarding, network access control or NAT through the FWINCOMING.FROMIP FWINCOMING.INIP FWOUTGOING.FROMIP FWOUTGOING.INIP FWRULESETS.FROMIP FWRULESETS.INIP environment...
CVE-2024-43393 Phoenix Contact: Configuration changes of the firewall services can lead to DoS in MGUARD devices
A low privileged remote attacker can perform configuration changes of the firewall services, including packet filter, packet forwarding, network access control or NAT through the FWINCOMING.FROMIP FWINCOMING.INIP FWOUTGOING.FROMIP FWOUTGOING.INIP FWRULESETS.FROMIP FWRULESETS.INIP environment...
CVE-2024-43392 Phoenix Contact: Firewall reconfiguration through the FW_environment variables in MGUARD devices
A low privileged remote attacker can perform configuration changes of the firewall services, including packet filter, packet forwarding, network access control or NAT through the FWINCOMING.FROMIP FWINCOMING.INIP FWOUTGOING.FROMIP FWOUTGOING.INIP environment variable which can lead to a DoS...
CVE-2024-43391 Phoenix Contact: Firewall reconfiguration through the FW_PORTFORWARDING.SRC_IP in MGUARD devices
A low privileged remote attacker can perform configuration changes of the firewall services, including packet filter, packet forwarding, network access control or NAT through the FWPORTFORWARDING.SRCIP environment variable which can lead to a DoS...
CVE-2024-43391 Phoenix Contact: Firewall reconfiguration through the FW_PORTFORWARDING.SRC_IP in MGUARD devices
A low privileged remote attacker can perform configuration changes of the firewall services, including packet filter, packet forwarding, network access control or NAT through the FWPORTFORWARDING.SRCIP environment variable which can lead to a DoS...
CVE-2024-43390 Phoenix Contact: Firewall reconfiguration due to improper input validation in MGUARD devices
A low privileged remote attacker can perform configuration changes of the firewall services, including packet forwarding or NAT through the FWNAT.INIP environment variable which can lead to a DoS...
CVE-2024-43389 Phoenix Contact: OSPF reconfiguration due to improper input validation in MGUARD devices
A low privileged remote attacker can perform configuration changes of the ospf service through OSPFINTERFACE.SIMPLEKEY, OSPFINTERFACE.DIGESTKEY environment variables which can lead to a DoS...
CVE-2024-43388 Phoenix Contact: SNMP reconfiguration due to improper input validation in MGUARD devices
A low privileged remote attacker with write permissions can reconfigure the SNMP service due to improper input validation...
CVE-2024-43388 Phoenix Contact: SNMP reconfiguration due to improper input validation in MGUARD devices
A low privileged remote attacker with write permissions can reconfigure the SNMP service due to improper input validation...
CVE-2024-43387 Phoenix Contact: Access files due to improper neutralization of special elements in MGUARD devices
A low privileged remote attacker can read and write files as root due to improper neutralization of special elements in the variable EMAILRELAYPASSWORD in mGuard devices...
CVE-2024-43387
CVE-2024-43387 affects PHOENIX CONTACT FL/TC MGUARD devices. A low-privilege remote attacker can read and write files as root due to improper neutralization of special elements in the EMAIL_RELAY_PASSWORD variable. Impact is high (remote, network access; confidentiality, integrity, and availabili...
CVE-2024-43387 Phoenix Contact: Access files due to improper neutralization of special elements in MGUARD devices
A low privileged remote attacker can read and write files as root due to improper neutralization of special elements in the variable EMAILRELAYPASSWORD in mGuard devices...
CVE-2024-43386 Phoenix Contact: OS command execution through EMAIL_NOTIFICATION.TO in mGuard devices.
A low privileged remote attacker can trigger the execution of arbitrary OS commands as root due to improper neutralization of special elements in the variable EMAILNOTIFICATION.TO in mGuard devices...
CVE-2024-43386 Phoenix Contact: OS command execution through EMAIL_NOTIFICATION.TO in mGuard devices.
A low privileged remote attacker can trigger the execution of arbitrary OS commands as root due to improper neutralization of special elements in the variable EMAILNOTIFICATION.TO in mGuard devices...
CVE-2024-43385
CVE-2024-43385 affects PHOENIX CONTACT mGuard devices. The vulnerability stems from improper neutralization of a special element in the PROXY_HTTP_PORT variable, enabling a low-privileged remote attacker to trigger arbitrary OS command execution as root. Documents identify the affected component ...