Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
phoenixcontact vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv3
CVE-2023-37856
In PHOENIX CONTACTs WP 6xxx series web panels in versions before 4.0.10 a remote attacker with low privileges is able to gain limited read-access to the device-filesystem through a configuration dialog within the embedded Qt browser .
Phoenixcontact Wp 6070-wvps Firmware
Phoenixcontact Wp 6101-wxps Firmware
Phoenixcontact Wp 6121-wxps Firmware
Phoenixcontact Wp 6156-whps Firmware
Phoenixcontact Wp 6185-whps Firmware
Phoenixcontact Wp 6215-whps Firmware
7.2
CVSSv3
CVE-2023-37857
In PHOENIX CONTACTs WP 6xxx series web panels in versions before 4.0.10 an authenticated, remote attacker with admin privileges is able to read hardcoded cryptographic keys allowing the malicious user to create valid session cookies. These session-cookies created by the attacker ...
Phoenixcontact Wp 6070-wvps Firmware
Phoenixcontact Wp 6101-wxps Firmware
Phoenixcontact Wp 6121-wxps Firmware
Phoenixcontact Wp 6156-whps Firmware
Phoenixcontact Wp 6185-whps Firmware
Phoenixcontact Wp 6215-whps Firmware
4.9
CVSSv3
CVE-2023-37858
In PHOENIX CONTACTs WP 6xxx series web panels in versions before 4.0.10 an authenticated, remote attacker with admin privileges is able to read hardcoded cryptographic keys allowing to decrypt an encrypted web application login password.
Phoenixcontact Wp 6070-wvps Firmware
Phoenixcontact Wp 6101-wxps Firmware
Phoenixcontact Wp 6121-wxps Firmware
Phoenixcontact Wp 6156-whps Firmware
Phoenixcontact Wp 6185-whps Firmware
Phoenixcontact Wp 6215-whps Firmware
7.5
CVSSv3
CVE-2023-37860
In PHOENIX CONTACTs WP 6xxx series web panels in versions before 4.0.10 a remote unauthenticated attacker can obtain the r/w community string of the SNMPv2 daemon.
Phoenixcontact Wp 6070-wvps Firmware
Phoenixcontact Wp 6101-wxps Firmware
Phoenixcontact Wp 6121-wxps Firmware
Phoenixcontact Wp 6156-whps Firmware
Phoenixcontact Wp 6185-whps Firmware
Phoenixcontact Wp 6215-whps Firmware
8.8
CVSSv3
CVE-2023-37861
In PHOENIX CONTACTs WP 6xxx series web panels in versions before 4.0.10 an authenticated remote attacker can execute code with root permissions with a specially crafted HTTP POST when uploading a certificate to the device.
Phoenixcontact Wp 6070-wvps Firmware
Phoenixcontact Wp 6101-wxps Firmware
Phoenixcontact Wp 6121-wxps Firmware
Phoenixcontact Wp 6156-whps Firmware
Phoenixcontact Wp 6185-whps Firmware
Phoenixcontact Wp 6215-whps Firmware
8.2
CVSSv3
CVE-2023-37862
In PHOENIX CONTACTs WP 6xxx series web panels in versions before 4.0.10 an unauthenticated remote attacker can access upload-functions of the HTTP API. This might cause certificate errors for SSL-connections and might result in a partial denial-of-service.
Phoenixcontact Wp 6070-wvps Firmware
Phoenixcontact Wp 6101-wxps Firmware
Phoenixcontact Wp 6121-wxps Firmware
Phoenixcontact Wp 6156-whps Firmware
Phoenixcontact Wp 6185-whps Firmware
Phoenixcontact Wp 6215-whps Firmware
7.2
CVSSv3
CVE-2023-37863
In PHOENIX CONTACTs WP 6xxx series web panels in versions before 4.0.10 a remote attacker with SNMPv2 write privileges may use an a special SNMP request to gain full access to the device.
Phoenixcontact Wp 6070-wvps Firmware
Phoenixcontact Wp 6101-wxps Firmware
Phoenixcontact Wp 6121-wxps Firmware
Phoenixcontact Wp 6156-whps Firmware
Phoenixcontact Wp 6185-whps Firmware
Phoenixcontact Wp 6215-whps Firmware
7.2
CVSSv3
CVE-2023-37864
In PHOENIX CONTACTs WP 6xxx series web panels in versions before 4.0.10 a remote attacker with SNMPv2 write privileges may use an a special SNMP request to gain full access to the device.
Phoenixcontact Wp 6070-wvps Firmware
Phoenixcontact Wp 6101-wxps Firmware
Phoenixcontact Wp 6121-wxps Firmware
Phoenixcontact Wp 6156-whps Firmware
Phoenixcontact Wp 6185-whps Firmware
Phoenixcontact Wp 6215-whps Firmware
8.8
CVSSv3
CVE-2023-1109
In Phoenix Contacts ENERGY AXC PU Web service an authenticated restricted user of the web frontend can access, read, write and create files throughout the file system using specially crafted URLs via the upload and download functionality of the web service. This may lead to full ...
Phoenixcontact Energy Axc Pu
Phoenixcontact Infobox Firmware
Phoenixcontact Smartrtu Axc Sg Firmware
Phoenixcontact Smartrtu Axc Ig Firmware
8.8
CVSSv3
CVE-2019-9744
An issue exists on PHOENIX CONTACT FL NAT SMCS 8TX, FL NAT SMN 8TX, FL NAT SMN 8TX-M, and FL NAT SMN 8TX-M-DMG devices. There is unauthorized access to the WEB-UI by attackers arriving from the same source IP address as an authenticated user, because this IP address is used as a ...
Phoenixcontact Fl Nat Smn 8tx-m-dmg Firmware -
Phoenixcontact Fl Nat Smn 8tx-m Firmware -
Phoenixcontact Fl Nat Smn 8tx Firmware -
Phoenixcontact Fl Nat Smcs 8tx Firmware -
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
denial of service
CVE-2024-27371
CVE-2024-20405
CVE-2024-31627
CVE-2024-31625
race condition
CVE-2024-4358
cross-site scripting
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »