Phoenixcontact Fl Mguard 2102 Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Phoenixcontact Fl Mguard 2102 Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (13)
CVE-2024-7699 — CVSS 8.8 (high): An low privileged remote attacker can execute OS commands with root privileges due to improper neutralization of special elements in user…
CVE-2024-43385 — CVSS 8.8 (high): A low privileged remote attacker can trigger the execution of arbitrary OS commands as root due to improper neutralization of special…
CVE-2024-43386 — CVSS 8.8 (high): A low privileged remote attacker can trigger the execution of arbitrary OS commands as root due to improper neutralization of special…
CVE-2024-43387 — CVSS 8.8 (high): A low privileged remote attacker can read and write files as root due to improper neutralization of special elements in the variable…
CVE-2024-43388 — CVSS 8.8 (high): A low privileged remote attacker with write permissions can reconfigure the SNMP service due to improper input validation.
CVE-2024-43389 — CVSS 8.1 (high): A low privileged remote attacker can perform configuration changes of the ospf service through OSPF_INTERFACE.SIMPLE_KEY…
CVE-2024-43390 — CVSS 8.1 (high): A low privileged remote attacker can perform configuration changes of the firewall services, including packet forwarding or NAT through the…
CVE-2024-43391 — CVSS 8.1 (high): A low privileged remote attacker can perform configuration changes of the firewall services, including packet filter, packet forwarding…
CVE-2024-43393 — CVSS 8.1 (high): A low privileged remote attacker can perform configuration changes of the firewall services, including packet filter, packet forwarding…
CVE-2024-43384 — CVSS 8.0 (high): A low privileged remote attacker can gain the root password due to improper removal of sensitive information before storage or transfer.
CVE-2024-7698 — CVSS 5.7 (medium): A low privileged remote attacker can get access to CSRF tokens of higher privileged users which can be abused to mount CSRF attacks.
CVE-2024-7734 — CVSS 5.3 (medium): An unauthenticated remote attacker can exploit the behavior of the pathfinder TCP encapsulation service by establishing a high number of…
CVE-2023-2673 — CVSS 5.3 (medium): Improper Input Validation vulnerability in PHOENIX CONTACT FL/TC MGUARD Family in multiple versions may allow UDP packets to bypass the…