Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
phoenixcontact vulnerabilities and exploits
(subscribe to this query)
7.2
CVSSv3
CVE-2023-37863
In PHOENIX CONTACTs WP 6xxx series web panels in versions before 4.0.10 a remote attacker with SNMPv2 write privileges may use an a special SNMP request to gain full access to the device.
Phoenixcontact Wp 6070-wvps Firmware
Phoenixcontact Wp 6101-wxps Firmware
Phoenixcontact Wp 6121-wxps Firmware
Phoenixcontact Wp 6156-whps Firmware
Phoenixcontact Wp 6185-whps Firmware
Phoenixcontact Wp 6215-whps Firmware
7.2
CVSSv3
CVE-2023-37864
In PHOENIX CONTACTs WP 6xxx series web panels in versions before 4.0.10 a remote attacker with SNMPv2 write privileges may use an a special SNMP request to gain full access to the device.
Phoenixcontact Wp 6070-wvps Firmware
Phoenixcontact Wp 6101-wxps Firmware
Phoenixcontact Wp 6121-wxps Firmware
Phoenixcontact Wp 6156-whps Firmware
Phoenixcontact Wp 6185-whps Firmware
Phoenixcontact Wp 6215-whps Firmware
4.3
CVSSv3
CVE-2023-37855
In PHOENIX CONTACTs WP 6xxx series web panels in versions before 4.0.10 a remote attacker with low privileges is able to gain limited read-access to the device-filesystem within the embedded Qt browser.
Phoenixcontact Wp 6070-wvps Firmware
Phoenixcontact Wp 6101-wxps Firmware
Phoenixcontact Wp 6121-wxps Firmware
Phoenixcontact Wp 6156-whps Firmware
Phoenixcontact Wp 6185-whps Firmware
Phoenixcontact Wp 6215-whps Firmware
7.2
CVSSv3
CVE-2023-37857
In PHOENIX CONTACTs WP 6xxx series web panels in versions before 4.0.10 an authenticated, remote attacker with admin privileges is able to read hardcoded cryptographic keys allowing the malicious user to create valid session cookies. These session-cookies created by the attacker ...
Phoenixcontact Wp 6070-wvps Firmware
Phoenixcontact Wp 6101-wxps Firmware
Phoenixcontact Wp 6121-wxps Firmware
Phoenixcontact Wp 6156-whps Firmware
Phoenixcontact Wp 6185-whps Firmware
Phoenixcontact Wp 6215-whps Firmware
7.2
CVSSv3
CVE-2023-37859
In PHOENIX CONTACTs WP 6xxx series web panels in versions before 4.0.10 the SNMP daemon is running with root privileges allowing a remote attacker with knowledge of the SNMPv2 r/w community string to execute system commands as root.
Phoenixcontact Wp 6070-wvps Firmware
Phoenixcontact Wp 6101-wxps Firmware
Phoenixcontact Wp 6121-wxps Firmware
Phoenixcontact Wp 6156-whps Firmware
Phoenixcontact Wp 6185-whps Firmware
Phoenixcontact Wp 6215-whps Firmware
4.3
CVSSv3
CVE-2023-37856
In PHOENIX CONTACTs WP 6xxx series web panels in versions before 4.0.10 a remote attacker with low privileges is able to gain limited read-access to the device-filesystem through a configuration dialog within the embedded Qt browser .
Phoenixcontact Wp 6070-wvps Firmware
Phoenixcontact Wp 6101-wxps Firmware
Phoenixcontact Wp 6121-wxps Firmware
Phoenixcontact Wp 6156-whps Firmware
Phoenixcontact Wp 6185-whps Firmware
Phoenixcontact Wp 6215-whps Firmware
4.9
CVSSv3
CVE-2023-37858
In PHOENIX CONTACTs WP 6xxx series web panels in versions before 4.0.10 an authenticated, remote attacker with admin privileges is able to read hardcoded cryptographic keys allowing to decrypt an encrypted web application login password.
Phoenixcontact Wp 6070-wvps Firmware
Phoenixcontact Wp 6101-wxps Firmware
Phoenixcontact Wp 6121-wxps Firmware
Phoenixcontact Wp 6156-whps Firmware
Phoenixcontact Wp 6185-whps Firmware
Phoenixcontact Wp 6215-whps Firmware
8.8
CVSSv3
CVE-2023-3573
In PHOENIX CONTACTs WP 6xxx series web panels in versions before 4.0.10 a remote attacker with low privileges may use a command injection in a HTTP POST request releated to font configuration operations to gain full access to the device.
Phoenixcontact Wp 6070-wvps Firmware
Phoenixcontact Wp 6101-wxps Firmware
Phoenixcontact Wp 6121-wxps Firmware
Phoenixcontact Wp 6156-whps Firmware
Phoenixcontact Wp 6185-whps Firmware
Phoenixcontact Wp 6215-whps Firmware
9.6
CVSSv3
CVE-2023-3526
In PHOENIX CONTACTs TC ROUTER and TC CLOUD CLIENT in versions before 2.07.2 as well as CLOUD CLIENT 1101T-TX/TX before 2.06.10 an unauthenticated remote attacker could use a reflective XSS within the license viewer page of the devices in order to execute code in the context of th...
Phoenixcontact Cloud Client 1101t-tx Firmware
Phoenixcontact Tc Cloud Client 1002-4g Att Firmware
Phoenixcontact Tc Cloud Client 1002-4g Firmware
Phoenixcontact Tc Cloud Client 1002-4g Vzw Firmware
Phoenixcontact Tc Router 3002t-4g Att Firmware
Phoenixcontact Tc Router 3002t-4g Firmware
Phoenixcontact Tc Router 3002t-4g Vzw Firmware
4.9
CVSSv3
CVE-2023-3569
In PHOENIX CONTACTs TC ROUTER and TC CLOUD CLIENT in versions before 2.07.2 as well as CLOUD CLIENT 1101T-TX/TX before 2.06.10 an authenticated remote attacker with admin privileges could upload a crafted XML file which causes a denial-of-service.
Phoenixcontact Cloud Client 1101t-tx Firmware
Phoenixcontact Tc Cloud Client 1002-4g Att Firmware
Phoenixcontact Tc Cloud Client 1002-4g Firmware
Phoenixcontact Tc Cloud Client 1002-4g Vzw Firmware
Phoenixcontact Tc Router 3002t-4g Att Firmware
Phoenixcontact Tc Router 3002t-4g Firmware
Phoenixcontact Tc Router 3002t-4g Vzw Firmware
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »