Fl Mguard 2105 Firmware@* Security Vulnerabilities and Issues — Fl Mguard 2105 Firmware@* CVE List

Lucene search

PhoenixcontactFl Mguard 2105 Firmware*

11 matches found

CVE•added 2024/09/10 9:15 a.m.•44 views

CVE-2024-43388

A low privileged remote attacker with write permissions can reconfigure the SNMP service due to improper input validation.

8.8CVSS8.6AI score0.00356EPSS

CVE•added 2024/09/10 9:15 a.m.•42 views

CVE-2024-43391

A low privileged remote attacker can perform configuration changes of the firewall services, including packet filter, packet forwarding, network access control or NAT through the FW_PORTFORWARDING.SRC_IP environment variable which can lead to a DoS.

8.1CVSS8AI score0.00344EPSS

CVE•added 2024/09/10 8:15 a.m.•42 views

CVE-2024-7734

An unauthenticated remote attacker can exploit the behavior of the pathfinder TCP encapsulation service by establishing a high number of TCP connections to the pathfinder TCP encapsulation service. The impact is limited to blocking of valid IPsec VPN peers.

5.3CVSS5.3AI score0.0015EPSS

CVE•added 2024/09/10 9:15 a.m.•41 views

CVE-2024-43389

A low privileged remote attacker can perform configuration changes of the ospf service through OSPF_INTERFACE.SIMPLE_KEY, OSPF_INTERFACE.DIGEST_KEY environment variables which can lead to a DoS.

8.1CVSS8AI score0.00344EPSS

CVE•added 2024/09/10 9:15 a.m.•40 views

CVE-2024-43387

A low privileged remote attacker can read and write files as root due to improper neutralization of special elements in the variable EMAIL_RELAY_PASSWORD in mGuard devices.

8.8CVSS8.6AI score0.00414EPSS

CVE•added 2024/09/10 9:15 a.m.•40 views

CVE-2024-43390

A low privileged remote attacker can perform configuration changes of the firewall services, including packet forwarding or NAT through the FW_NAT.IN_IP environment variable which can lead to a DoS.

8.1CVSS8AI score0.00344EPSS

CVE•added 2024/09/10 9:15 a.m.•40 views

CVE-2024-43393

A low privileged remote attacker can perform configuration changes of the firewall services, including packet filter, packet forwarding, network access control or NAT through the FW_INCOMING.FROM_IP FW_INCOMING.IN_IP FW_OUTGOING.FROM_IP FW_OUTGOING.IN_IP FW_RULESETS.FROM_IP FW_RULESETS.IN_IP enviro...

8.1CVSS8.1AI score0.00344EPSS

CVE•added 2024/09/10 9:15 a.m.•40 views

CVE-2024-7698

A low privileged remote attacker can get access to CSRF tokens of higher privileged users which can be abused to mount CSRF attacks.

5.7CVSS5.5AI score0.00095EPSS

CVE•added 2024/09/10 9:15 a.m.•40 views

CVE-2024-7699

An low privileged remote attacker can execute OS commands with root privileges due to improper neutralization of special elements in user data.

8.8CVSS8.8AI score0.00634EPSS

CVE•added 2024/09/10 9:15 a.m.•39 views

CVE-2024-43386

A low privileged remote attacker can trigger the execution of arbitrary OS commands as root due to improper neutralization of special elements in the variable EMAIL_NOTIFICATION.TO in mGuard devices.

8.8CVSS8.8AI score0.01151EPSS

CVE•added 2024/09/10 9:15 a.m.•38 views

CVE-2024-43385

A low privileged remote attacker can trigger the execution of arbitrary OS commands as root due to improper neutralization of special elements in the variable PROXY_HTTP_PORT in mGuard devices.

8.8CVSS8.8AI score0.01151EPSS