Fl Switch 3006T-2Fx St Firmware Security Vulnerabilities - CVSS Score 5 - 6

CVE-2017-16741

An Information Exposure issue was discovered in PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, and 48xxx Series products running firmware Version 1.0 to 1.32. A remote unauthenticated attacker may be able to use Monitor Mode on the device to read diagnostic information.

CVE-2018-10729

All Phoenix Contact managed FL SWITCH 3xxx, 4xxx, 48xx products running firmware version 1.0 to 1.33 allow reading the configuration file by an unauthenticated user.

CVE-2018-13991

The WebUI of PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versions 1.0 to 1.34 leaks private information in firmware images.