CVE-2026-41032 Phoenix Contact: Unauthenticated log download vulnerability in the firmware of CHARX SEC-3xxx charging controllers

It is possible for an unauthenticated adjacent attacker to download log files of the controller, which may disclose some restricted information...

PHOENIX CONTACT多款产品 数据伪造问题漏洞

PHOENIX CONTACT AXC F 1152, among others, are controller devices produced by the German company PHOENIX CONTACT. Several products from PHOENIX CONTACT have vulnerabilities related to data manipulation. These vulnerabilities stem from the lack of a data validation mechanism when allowing remote,...

Phoenix Contact多款产品 代码问题漏洞

PHOENIX CONTACT AXC F 1152 and PHOENIX CONTACT AXC F 2152 are controller devices from the German company PHOENIX CONTACT. Several products from Phoenix Contact have code vulnerabilities. These vulnerabilities allow low-privilege local users to manipulate configuration or application-related files...

CVE-2024-43384 Phoenix Contact: Improper removal of sensitive information in MGUARD products

A low privileged remote attacker can gain the root password due to improper removal of sensitive information before storage or transfer...

PHOENIX CONTACT多款产品 安全漏洞

PHOENIX CONTACT FL MGUARD 2102, among others, are products of the German company PHOENIX CONTACT. PHOENIX CONTACT FL MGUARD 2102 is a router. PHOENIX CONTACT FL MGUARD 2105 is also a router. PHOENIX CONTACT FL MGUARD represents a series of routers. Several products from PHOENIX CONTACT have...

Phoenix Contact多款产品 安全漏洞

PHOENIX CONTACT FL SWITCH and PHOENIX CONTACT FL NAT are products of the German company PHOENIX CONTACT. PHOENIX CONTACT FL SWITCH is an industrial-grade Ethernet switch. PHOENIX CONTACT FL NAT is a series of industrial security gateways. Several products from Phoenix Contact have security...

PHOENIX CONTACT FL NAT 命令注入漏洞

PHOENIX CONTACT FL NAT is a series of industrial security gateways developed by the German company PHOENIX CONTACT. PHOENIX CONTACT FL NAT has a command injection vulnerability, which stems from command injection within the device’s Root CA certificate transmission process. This vulnerability cou...

PHOENIX CONTACT FL NAT 安全漏洞

PHOENIX CONTACT FL NAT is a series of industrial security gateways developed by the German company PHOENIX CONTACT. There is a security vulnerability in PHOENIX CONTACT FL NAT, which stems from a stack-based buffer overflow in the device file transfer parameter workflow. This vulnerability could...

PHOENIX CONTACT FL NAT 安全漏洞

PHOENIX CONTACT FL NAT is a series of industrial security gateways developed by the German company PHOENIX CONTACT. There is a security vulnerability in PHOENIX CONTACT FL NAT, which stems from a stack-based buffer overflow issue in the CLI’s TFTP file transfer command processing. This...

Phoenix Contact多款产品 安全漏洞

PHOENIX CONTACT FL SWITCH and PHOENIX CONTACT FL NAT are products of the German company PHOENIX CONTACT. PHOENIX CONTACT FL SWITCH is an industrial-grade Ethernet switch. PHOENIX CONTACT FL NAT is a series of industrial security gateways. Several products from Phoenix Contact have security...

Phoenix Contact多款产品 跨站脚本漏洞

PHOENIX CONTACT FL SWITCH and PHOENIX CONTACT FL NAT are products of the German company PHOENIX CONTACT. PHOENIX CONTACT FL SWITCH is an industrial-grade Ethernet switch. PHOENIX CONTACT FL NAT is a series of industrial security gateways. Several products from Phoenix Contact have a cross-site...

Phoenix Contact多款产品 安全漏洞

PHOENIX CONTACT FL SWITCH and PHOENIX CONTACT FL NAT are products of the German company PHOENIX CONTACT. PHOENIX CONTACT FL SWITCH is an industrial-grade Ethernet switch. PHOENIX CONTACT FL NAT is a series of industrial security gateways. Several products from Phoenix Contact have security...

PHOENIX CONTACT FL NAT 跨站请求伪造漏洞

PHOENIX CONTACT FL NAT is a series of industrial security gateways developed by PHOENIX CONTACT GmbH in Germany. PHOENIX CONTACT FL NAT has a cross-site request forgeing vulnerability, which originates from the Link Aggregation configuration interface. This vulnerability may allow unverified remo...

PHOENIX CONTACT TC ROUTER 代码注入漏洞

PHOENIX CONTACT TC ROUTER is a series of routers from PHOENIX CONTACT, Germany. A code injection vulnerability exists in the PHOENIX CONTACT TC ROUTER that stems from improper code generation controls and could lead to code injection and a complete loss of confidentiality, availability, and...

CVE-2020-10939

Insecure, default path permissions in PHOENIX CONTACT PC WORX SRT through 1.14 allow for local privilege escalation...

CVE-2020-10940

Local Privilege Escalation can occur in PHOENIX CONTACT PORTICO SERVER through 3.0.7 when installed to run as a service...

CVE-2019-12870

An issue was discovered in PHOENIX CONTACT PC Worx through 1.86, PC Worx Express through 1.86, and Config+ through 1.86. A manipulated PC Worx or Config+ project file could lead to an Uninitialized Pointer and remote code execution. The attacker needs to get access to an original PC Worx or Confi...

CVE-2019-12869

An issue was discovered in PHOENIX CONTACT PC Worx through 1.86, PC Worx Express through 1.86, and Config+ through 1.86. A manipulated PC Worx or Config+ project file could lead to an Out-Of-Bounds Read, Information Disclosure, and remote code execution. The attacker needs to get access to an...

Phoenix Contact iDS6 DSSPro 安全漏洞

Phoenix Contact iDS6 DSSPro is a digital signage management system from iDS6 USA. A security vulnerability exists in Phoenix Contact iDS6 DSSPro version 6.2, which stems from the presence of a sensitive information disclosure vulnerability that could lead to the interception of passwords...

Phoenix Contact iDS6 DSSPro 安全漏洞

Phoenix Contact iDS6 DSSPro is a digital signage management system from iDS6 USA. A security vulnerability exists in Phoenix Contact iDS6 DSSPro version 6.2, which stems from susceptibility to a cross-site request forgery attack that could result in the addition of unauthorized users...