Fl Mguard Pci4000 Firmware Security Vulnerabilities - April
A remote, unauthenticated attacker could cause a denial-of-service of PHOENIX CONTACT FL MGUARD and TC MGUARD devices below version 8.9.0 by sending a larger number of unauthenticated HTTPS connections originating from different source IP’s. Configuring firewall limits for incoming connections cann...
7.5CVSS
7.6AI Score
0.002EPSS
Improper Input Validation vulnerability in PHOENIX CONTACT FL/TC MGUARD Family in multiple versions may allow UDP packets to bypass the filter rules and access the solely connected device behind the MGUARD which can be used for flooding attacks.
5.3CVSS
5.3AI Score
0.001EPSS
A low privileged remote attacker can perform configuration changes of the firewall services, including packet filter, packet forwarding, network access control or NAT through the FW_INCOMING.FROM_IP FW_INCOMING.IN_IP FW_OUTGOING.FROM_IP FW_OUTGOING.IN_IP environment variable which can lead to a DoS...
8.1CVSS
6.5AI Score
0.0004EPSS
An low privileged remote attacker can execute OS commands with root privileges due to improper neutralization of special elements in user data.
8.8CVSS
8.8AI Score
0.001EPSS