Phoenixcontact

All CVEs

138 total · sorted by risk
  • CVE-2025-41751 · Dec 9, 2025
    risk 0.00 · cvss · epss 0.08

    An XSS vulnerability in pxc_portCntr.php can be used by an unauthenticated remote attacker to trick an authenticated user to click on the link provided by the attacker in order to change parameters available via web based management (WBM). The vulnerability does not provide…

  • CVE-2025-41752 · Dec 9, 2025
    risk 0.00 · cvss · epss 0.08

    An XSS vulnerability in pxc_portSfp.php can be used by an unauthenticated remote attacker to trick an authenticated user to click on the link provided by the attacker in order to change parameters available via web based management (WBM). The vulnerability does not provide…

  • CVE-2024-43393 · Sep 10, 2024
    risk 0.00 · cvss · epss 0.01

    A low privileged remote attacker can perform configuration changes of the firewall services, including packet filter, packet forwarding, network access control or NAT through the FW_INCOMING.FROM_IP FW_INCOMING.IN_IP FW_OUTGOING.FROM_IP FW_OUTGOING.IN_IP FW_RULESETS.FROM_IP…

  • CVE-2024-43392 · Sep 10, 2024
    risk 0.00 · cvss · epss 0.01

    A low privileged remote attacker can perform configuration changes of the firewall services, including packet filter, packet forwarding, network access control or NAT through the FW_INCOMING.FROM_IP FW_INCOMING.IN_IP FW_OUTGOING.FROM_IP FW_OUTGOING.IN_IP environment variable…

  • CVE-2024-43391 · Sep 10, 2024
    risk 0.00 · cvss · epss 0.01

    A low privileged remote attacker can perform configuration changes of the firewall services, including packet filter, packet forwarding, network access control or NAT through the FW_PORTFORWARDING.SRC_IP environment variable which can lead to a DoS.

  • CVE-2024-43390 · Sep 10, 2024
    risk 0.00 · cvss · epss 0.01

    A low privileged remote attacker can perform configuration changes of the firewall services, including packet forwarding or NAT through the FW_NAT.IN_IP environment variable which can lead to a DoS.

  • CVE-2024-43389 · Sep 10, 2024
    risk 0.00 · cvss · epss 0.01

    A low privileged remote attacker can perform configuration changes of the ospf service through OSPF_INTERFACE.SIMPLE_KEY, OSPF_INTERFACE.DIGEST_KEY environment variables which can lead to a DoS.

  • CVE-2024-43388 · Sep 10, 2024
    risk 0.00 · cvss · epss 0.01

    A low privileged remote attacker with write permissions can reconfigure the SNMP service due to improper input validation.

  • CVE-2024-43387 · Sep 10, 2024
    risk 0.00 · cvss · epss 0.01

    A low privileged remote attacker can read and write files as root due to improper neutralization of special elements in the variable EMAIL_RELAY_PASSWORD in mGuard devices.

  • CVE-2024-43386 · Sep 10, 2024
    risk 0.00 · cvss · epss 0.01

    A low privileged remote attacker can trigger the execution of arbitrary OS commands as root due to improper neutralization of special elements in the variable EMAIL_NOTIFICATION.TO in mGuard devices.

  • CVE-2024-43385 · Sep 10, 2024
    risk 0.00 · cvss · epss 0.01

    A low privileged remote attacker can trigger the execution of arbitrary OS commands as root due to improper neutralization of special elements in the variable PROXY_HTTP_PORT in mGuard devices.

  • CVE-2024-7699 · Sep 10, 2024
    risk 0.00 · cvss · epss 0.01

    A low privileged remote attacker can execute OS commands with root privileges due to improper neutralization of special elements in user data.

  • CVE-2024-7698 · Sep 10, 2024
    risk 0.00 · cvss · epss 0.00

    A low privileged remote attacker can get access to CSRF tokens of higher privileged users which can be abused to mount CSRF attacks.

  • CVE-2024-7734 · Sep 10, 2024
    risk 0.00 · cvss · epss 0.00

    An unauthenticated remote attacker can exploit the behavior of the pathfinder TCP encapsulation service by establishing a high number of TCP connections to the pathfinder TCP encapsulation service. The impact is limited to blocking of valid IPsec VPN peers.

  • CVE-2023-46144 · Dec 14, 2023
    risk 0.00 · cvss · epss 0.00

    A download of code without integrity check vulnerability in PLCnext products allows a remote attacker with low privileges to compromise integrity on the affected engineering station and the connected devices.

  • CVE-2023-46143 · Dec 14, 2023
    risk 0.00 · cvss · epss 0.00

    Download of Code Without Integrity Check vulnerability in PHOENIX CONTACT classic line PLCs allows an unauthenticated remote attacker to modify some or all applications on a PLC.

  • CVE-2023-46142 · Dec 14, 2023
    risk 0.00 · cvss · epss 0.01

    An incorrect permission assignment for critical resource vulnerability in PLCnext products allows a remote attacker with low privileges to gain full access on the affected devices.

  • CVE-2023-46141 · Dec 14, 2023
    risk 0.00 · cvss · epss 0.01

    Incorrect Permission Assignment for Critical Resource vulnerability in multiple products of the PHOENIX CONTACT classic line allows a remote unauthenticated attacker to gain full access of the affected device.

  • CVE-2023-37858 · Aug 9, 2023
    risk 0.00 · cvss · epss 0.00

    In PHOENIX CONTACT's WP 6xxx series web panels in versions prior to 4.0.10 an authenticated, remote attacker with admin privileges is able to read hardcoded cryptographic keys, allowing the attacker to decrypt an encrypted web application login password.

  • CVE-2023-37857 · Aug 9, 2023
    risk 0.00 · cvss · epss 0.00

    In PHOENIX CONTACT's WP 6xxx series web panels in versions prior to 4.0.10 an authenticated, remote attacker with admin privileges is able to read hardcoded cryptographic keys allowing the attacker to create valid session cookies. These session-cookies created by the attacker…

  • CVE-2023-37855 · Aug 9, 2023
    risk 0.00 · cvss · epss 0.00

    In PHOENIX CONTACT's WP 6xxx series web panels in versions prior to 4.0.10 a remote attacker with low privileges is able to gain limited read-access to the device-filesystem within the embedded Qt browser.

  • CVE-2023-37856 · Aug 9, 2023
    risk 0.00 · cvss · epss 0.00

    In PHOENIX CONTACT's WP 6xxx series web panels in versions prior to 4.0.10 a remote attacker with low privileges is able to gain limited read-access to the device-filesystem through a configuration dialog within the embedded Qt browser.

  • CVE-2023-37863 · Aug 9, 2023
    risk 0.00 · cvss · epss 0.01

    In PHOENIX CONTACT's WP 6xxx series web panels in versions prior to 4.0.10 a remote attacker with SNMPv2 write privileges may use a special SNMP request to gain full access to the device.

  • CVE-2023-37859 · Aug 9, 2023
    risk 0.00 · cvss · epss 0.01

    In PHOENIX CONTACT's WP 6xxx series web panels in versions prior to 4.0.10 the SNMP daemon is running with root privileges allowing a remote attacker with knowledge of the SNMPv2 r/w community string to execute system commands as root.

  • CVE-2023-37864 · Aug 9, 2023
    risk 0.00 · cvss · epss 0.00

    In PHOENIX CONTACT's WP 6xxx series web panels in versions prior to 4.0.10 a remote attacker with SNMPv2 write privileges may use a special SNMP request to gain full access to the device.

  • CVE-2023-37862 · Aug 9, 2023
    risk 0.00 · cvss · epss 0.00

    In PHOENIX CONTACT's WP 6xxx series web panels in versions prior to 4.0.10 an unauthenticated remote attacker can access upload-functions of the HTTP API. This might cause certificate errors for SSL-connections and might result in a partial denial-of-service.

  • CVE-2023-37860 · Aug 9, 2023
    risk 0.00 · cvss · epss 0.01

    In PHOENIX CONTACT's WP 6xxx series web panels in versions prior to 4.0.10 a remote unauthenticated attacker can obtain the r/w community string of the SNMPv2 daemon.

  • CVE-2023-37861 · Aug 9, 2023
    risk 0.00 · cvss · epss 0.01

    In PHOENIX CONTACT's WP 6xxx series web panels in versions prior to 4.0.10 an authenticated remote attacker can execute code with root permissions with a specially crafted HTTP POST when uploading a certificate to the device.

  • CVE-2023-3569 · Aug 8, 2023
    risk 0.00 · cvss · epss 0.01

    In PHOENIX CONTACT's TC ROUTER and TC CLOUD CLIENT in versions prior to 2.07.2 as well as CLOUD CLIENT 1101T-TX/TX prior to 2.06.10 an authenticated remote attacker with admin privileges could upload a crafted XML file which causes a denial-of-service.

  • CVE-2023-3526 · Aug 8, 2023
    risk 0.00 · cvss · epss 0.02

    In PHOENIX CONTACT's TC ROUTER and TC CLOUD CLIENT in versions prior to 2.07.2 as well as CLOUD CLIENT 1101T-TX/TX prior to 2.06.10 an unauthenticated remote attacker could use a reflective XSS within the license viewer page of the devices in order to execute code in the context…

  • CVE-2023-3570 · Aug 8, 2023
    risk 0.00 · cvss · epss 0.01

    In PHOENIX CONTACT's WP 6xxx series web panels in versions prior to 4.0.10 a remote attacker with low privileges may use a specific HTTP DELETE request to gain full access to the device.

  • CVE-2023-3572 · Aug 8, 2023
    risk 0.00 · cvss · epss 0.01

    In PHOENIX CONTACT's WP 6xxx series web panels in versions prior to 4.0.10 a remote, unauthenticated attacker may use an attribute of a specific HTTP POST request related to date/time operations to gain full access to the device.

  • CVE-2023-3571 · Aug 8, 2023
    risk 0.00 · cvss · epss 0.00

    In PHOENIX CONTACT's WP 6xxx series web panels in versions prior to 4.0.10 a remote attacker with low privileges may use a specific HTTP POST related to certificate operations to gain full access to the device.

  • CVE-2023-3573 · Aug 8, 2023
    risk 0.00 · cvss · epss 0.01

    In PHOENIX CONTACT's WP 6xxx series web panels in versions prior to 4.0.10 a remote attacker with low privileges may use a command injection in an HTTP POST request related to font configuration operations to gain full access to the device.

  • CVE-2023-2673 · Jun 13, 2023
    risk 0.00 · cvss · epss 0.01

    Improper Input Validation vulnerability in PHOENIX CONTACT FL/TC MGUARD Family in multiple versions may allow UDP packets to bypass the filter rules and access the solely connected device behind the MGUARD which can be used for flooding attacks.

  • CVE-2023-1109 · Apr 17, 2023
    risk 0.00 · cvss · epss 0.01

    In Phoenix Contact's ENERGY AXC PU Web service an authenticated restricted user of the web frontend can access, read, write and create files throughout the file system using specially crafted URLs via the upload and download functionality of the web service. This may lead to full…

  • CVE-2022-3461 · Nov 15, 2022
    risk 0.00 · cvss · epss 0.00

    In PHOENIX CONTACT Automationworx Software Suite up to version 1.89 manipulated PC Worx or Config+ files could lead to a heap buffer overflow and a read access violation. Availability, integrity, or confidentiality of an application programming workstation might be compromised…

  • CVE-2022-3737 · Nov 15, 2022
    risk 0.00 · cvss · epss 0.00

    In PHOENIX CONTACT Automationworx Software Suite up to version 1.89 memory can be read beyond the intended scope due to insufficient validation of input data. Availability, integrity, or confidentiality of an application programming workstation might be compromised by attacks…

  • CVE-2022-3480 · Nov 15, 2022
    risk 0.00 · cvss · epss 0.01

    A remote, unauthenticated attacker could cause a denial-of-service of PHOENIX CONTACT FL MGUARD and TC MGUARD devices below version 8.9.0 by sending a larger number of unauthenticated HTTPS connections originating from different source IPs. Configuring firewall limits for…

  • CVE-2021-34579 · Nov 9, 2022
    risk 0.00 · cvss · epss 0.01

    In Phoenix Contact: FL MGUARD DM version 1.12.0 and 1.13.0 access to the Apache web server being installed as part of the FL MGUARD DM on Microsoft Windows does not require login credentials even if configured during installation. Attackers with network access to the Apache web…

  • CVE-2022-31801 · Jun 21, 2022
    risk 0.00 · cvss · epss 0.01

    An unauthenticated, remote attacker could upload malicious logic to the devices based on ProConOS/ProConOS eCLR in order to gain full control over the device.

  • CVE-2022-31800 · Jun 21, 2022
    risk 0.00 · cvss · epss 0.01

    An unauthenticated, remote attacker could upload malicious logic to devices based on ProConOS/ProConOS eCLR in order to gain full control over the device.

  • CVE-2022-29898 · May 11, 2022
    risk 0.00 · cvss · epss 0.01

    On various RAD-ISM-900-EN-* devices by PHOENIX CONTACT an admin user could use the configuration file uploader in the WebUI to execute arbitrary code with root privileges on the OS due to an improper validation of an integrity check value in all versions of the firmware.

  • CVE-2022-29897 · May 11, 2022
    risk 0.00 · cvss · epss 0.01

    On various RAD-ISM-900-EN-* devices by PHOENIX CONTACT an admin user could use the traceroute utility integrated in the WebUI to execute arbitrary code with root privileges on the OS due to an improper input validation in all versions of the firmware.

  • CVE-2022-22509 · Feb 2, 2022
    risk 0.00 · cvss · epss 0.01

    In Phoenix Contact FL SWITCH Series 2xxx in version 3.00 an incorrect privilege assignment allows a low privileged user to enable full access to the device configuration.

  • CVE-2021-34598 · Nov 10, 2021
    risk 0.00 · cvss · epss 0.01

    In Phoenix Contact FL MGUARD 1102 and 1105 in Versions 1.4.0, 1.4.1 and 1.5.0 the remote logging functionality is impaired by the lack of memory release for data structures from syslog-ng when remote logging is active.

  • CVE-2021-34582 · Nov 10, 2021
    risk 0.00 · cvss · epss 0.00

    In Phoenix Contact FL MGUARD 1102 and 1105 in Versions 1.4.0, 1.4.1 and 1.5.0 a user with high privileges can inject HTML code (XSS) through web-based management or the REST API with a manipulated certificate file.

  • CVE-2021-34597 · Nov 4, 2021
    risk 0.00 · cvss · epss 0.01

    Improper Input Validation vulnerability in PC Worx Automation Suite of Phoenix Contact up to version 1.88 could allow an attacker with a manipulated project file to unpack arbitrary files outside of the selected project directory.

  • CVE-2021-34570 · Sep 27, 2021
    risk 0.00 · cvss · epss 0.01

    Multiple Phoenix Contact PLCnext control devices in versions prior to 2021.0.5 LTS are prone to a DoS attack through specially crafted JSON requests.

  • CVE-2021-33542 · Jun 25, 2021
    risk 0.00 · cvss · epss 0.02

    Phoenix Contact Classic Automation Worx Software Suite in Version 1.87 and below is affected by a remote code execution vulnerability. Manipulated PC Worx or Config+ projects could lead to a remote code execution when unallocated memory is freed because of incompletely…