CVE-2018-10729
Description
All Phoenix Contact managed FL SWITCH 3xxx, 4xxx, 48xx products running firmware version 1.0 to 1.33 allow reading the configuration file by an unauthenticated user.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Unauthenticated attackers can read the configuration file of Phoenix Contact FL SWITCH 3xxx/4xxx/48xx series devices via web interface CGI manipulation.
Vulnerability
CVE-2018-10729 affects all Phoenix Contact FL SWITCH 3xxx, 4xxx, and 48xx series products running firmware version 1.0 to 1.33 [1]. A web interface CGI application copies the contents of the running configuration file to a commonly accessible file. An unauthenticated attacker can manipulate a web login request to expose this file's contents through the browser [1].
Exploitation
The attacker sends a crafted HTTP GET request to the device's web interface. No authentication, prior access, or user interaction is required because the vulnerability lies in the login process itself [1]. The web server processes the malformed request and returns the configuration file contents [1].
Impact
Successful exploitation leads to information disclosure of the device configuration, which may contain network settings, credentials, and other sensitive parameters [1]. The CVSS v3 base score is 5.3, with a vector string of (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N), indicating low confidentiality impact with no impact on integrity or availability [1].
Mitigation
Phoenix Contact has released firmware updates addressing the issue. Affected users should upgrade to firmware version 1.34 or later [1]. As of the advisory publication date (2018-05-17), no workaround was available; disabling the web interface or restricting network access can reduce exposure but does not fully mitigate the vulnerability [1].
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
- Range: >=1.0, <=1.33
Patches
No patches discovered yet.
References
- www.securityfocus.com/bid/104231 (mitre: vdb-entry, x_refsource_BID)
- cert.vde.com/de-de/advisories/vde-2018-005 (mitre: x_refsource_CONFIRM)
- ics-cert.us-cert.gov/advisories/ICSA-18-137-02 (mitre: x_refsource_MISC)