VYPR

FL NAT 2208

by Phoenixcontact

CVEs (24)

  • CVE-2026-22319Mar 18, 2026
    risk 0.00cvss epss 0.00

    A stack-based buffer overflow in the device's file installation workflow allows a high-privileged attacker to send oversized POST parameters that overflow a fixed-size stack buffer within an internal process, resulting in a DoS attack.

  • CVE-2026-22318Mar 18, 2026
    risk 0.00cvss epss 0.00

    A stack-based buffer overflow vulnerability in the device's file transfer parameter workflow allows a high-privileged attacker to send oversized POST parameters, causing memory corruption in an internal process, resulting in a DoS attack.

  • CVE-2026-22317Mar 18, 2026
    risk 0.00cvss epss 0.01

    A command injection vulnerability in the device’s Root CA certificate transfer workflow allows a high-privileged attacker to send crafted HTTP POST requests that result in arbitrary command execution on the underlying Linux OS with root privileges.

  • CVE-2026-22316Mar 18, 2026
    risk 0.00cvss epss 0.00

    A remote attacker with user privileges for the webUI can use the setting of the TFTP Filename with a POST Request to trigger a stack-based Buffer Overflow, resulting in a DoS attack.

Page 2 of 2