Vulnerabilities > Phoenixcontact > FL Mguard Pci4000 Firmware > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-10 | CVE-2024-7698 | Improper Cross-boundary Removal of Sensitive Data vulnerability in Phoenixcontact products A low privileged remote attacker can get access to CSRF tokens of higher privileged users which can be abused to mount CSRF attacks. | 5.7 |
| 2024-09-10 | CVE-2024-7734 | Allocation of Resources Without Limits or Throttling vulnerability in Phoenixcontact products An unauthenticated remote attacker can exploit the behavior of the pathfinder TCP encapsulation service by establishing a high number of TCP connections to the pathfinder TCP encapsulation service. | 5.3 |
| 2023-06-13 | CVE-2023-2673 | Improper Validation of Specified Type of Input vulnerability in Phoenixcontact products Improper Input Validation vulnerability in PHOENIX CONTACT FL/TC MGUARD Family in multiple versions may allow UDP packets to bypass the filter rules and access the solely connected device behind the MGUARD which can be used for flooding attacks. | 5.3 |