Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
phoenixcontact vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2019-9744
An issue exists on PHOENIX CONTACT FL NAT SMCS 8TX, FL NAT SMN 8TX, FL NAT SMN 8TX-M, and FL NAT SMN 8TX-M-DMG devices. There is unauthorized access to the WEB-UI by attackers arriving from the same source IP address as an authenticated user, because this IP address is used as a ...
Phoenixcontact Fl Nat Smn 8tx-m-dmg Firmware -
Phoenixcontact Fl Nat Smn 8tx-m Firmware -
Phoenixcontact Fl Nat Smn 8tx Firmware -
Phoenixcontact Fl Nat Smcs 8tx Firmware -
NA
CVE-2014-9195
Phoenix Contact ProConOs and MultiProg do not require authentication, which allows remote malicious users to execute arbitrary commands via protocol-compliant traffic.
Phoenixcontact-software Multiprog 5.0
Phoenixcontact-software Proconos Eclr
1 EDB exploit
7.5
CVSSv3
CVE-2018-16994
An issue exists on PHOENIX CONTACT AXL F BK PN <=1.0.4, AXL F BK ETH <= 1.12, and AXL F BK ETH XC <= 1.11 devices and Bosch Rexroth S20-ETH-BK and Rexroth S20-PN-BK+ (the S20-PN-BK+/S20-ETH-BK fieldbus couplers sold by Bosch Rexroth contain technology from Phoenix Contac...
Phoenixcontact Axl F Bk Pn Firmware
Phoenixcontact Axl F Bk Eth Firmware
Phoenixcontact Axl F Bk Eth Xc Firmware
7.5
CVSSv3
CVE-2021-34579
In Phoenix Contact: FL MGUARD DM version 1.12.0 and 1.13.0 access to the Apache web server being installed as part of the FL MGUARD DM on Microsoft Windows does not require login credentials even if configured during installation.Attackers with network access to the Apache web se...
Phoenixcontact Fl Mguard Dm 1.12.0
Phoenixcontact Fl Mguard Dm 1.13.0
5.9
CVSSv3
CVE-2019-10997
An issue exists on Phoenix Contact AXC F 2152 (No.2404267) prior to 2019.0 LTS and AXC F 2152 STARTERKIT (No.1046568) prior to 2019.0 LTS devices. Protocol Fuzzing on PC WORX Engineer by a man in the middle attacker stops the PLC service. The device must be rebooted, or the PLC s...
Phoenixcontact Axc F 2152 Firmware
Phoenixcontact Axc F 2152 Starterkit Firmware
6.8
CVSSv3
CVE-2019-10998
An issue exists on Phoenix Contact AXC F 2152 (No.2404267) prior to 2019.0 LTS and AXC F 2152 STARTERKIT (No.1046568) prior to 2019.0 LTS devices. Unlimited physical access to the PLC may lead to a manipulation of SD cards data. SD card manipulation may lead to an authentication ...
Phoenixcontact Axc F 2152 Firmware
Phoenixcontact Axc F 2152 Starterkit Firmware
9.4
CVSSv3
CVE-2020-8768
An issue exists on Phoenix Contact Emalytics Controller ILC 2050 BI prior to 1.2.3 and BI-L prior to 1.2.3 devices. There is an insecure mechanism for read and write access to the configuration of the device. The mechanism can be discovered by examining a link on the website of t...
Phoenixcontact Ilc 2050 Bi Firmware
Phoenixcontact Ilc 2050 Bi-l Firmware
9.1
CVSSv3
CVE-2022-29897
On various RAD-ISM-900-EN-* devices by PHOENIX CONTACT an admin user could use the traceroute utility integrated in the WebUI to execute arbitrary code with root privileges on the OS due to an improper input validation in all versions of the firmware.
Phoenixcontact Rad-ism-900-en-bd Firmware
Phoenixcontact Rad-ism-900-en-bd/b Firmware
Phoenixcontact Rad-ism-900-en-bd-bus Firmware
9.1
CVSSv3
CVE-2022-29898
On various RAD-ISM-900-EN-* devices by PHOENIX CONTACT an admin user could use the configuration file uploader in the WebUI to execute arbitrary code with root privileges on the OS due to an improper validation of an integrity check value in all versions of the firmware.
Phoenixcontact Rad-ism-900-en-bd Firmware
Phoenixcontact Rad-ism-900-en-bd/b Firmware
Phoenixcontact Rad-ism-900-en-bd-bus Firmware
8.2
CVSSv3
CVE-2019-18352
Improper access control exists on PHOENIX CONTACT FL NAT 2208 devices before V2.90 and FL NAT 2304-2GC-2SFP devices before V2.90 when using MAC-based port security.
Phoenixcontact Fl Nat 2208 Firmware
Phoenixcontact Fl Nat 2304-2gc-2sfp Firmware
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »