Vulnerabilities > Phoenixcontact > FL Mguard Rs4004 TX DTX VPN Firmware > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-09-10 | CVE-2024-7698 | Improper Cross-boundary Removal of Sensitive Data vulnerability in Phoenixcontact products A low privileged remote attacker can get access to CSRF tokens of higher privileged users which can be abused to mount CSRF attacks. | 5.7 |
2024-09-10 | CVE-2024-7734 | Allocation of Resources Without Limits or Throttling vulnerability in Phoenixcontact products An unauthenticated remote attacker can exploit the behavior of the pathfinder TCP encapsulation service by establishing a high number of TCP connections to the pathfinder TCP encapsulation service. | 5.3 |
2023-06-13 | CVE-2023-2673 | Improper Validation of Specified Type of Input vulnerability in Phoenixcontact products Improper Input Validation vulnerability in PHOENIX CONTACT FL/TC MGUARD Family in multiple versions may allow UDP packets to bypass the filter rules and access the solely connected device behind the MGUARD which can be used for flooding attacks. | 5.3 |
2020-12-17 | CVE-2020-12523 | Missing Initialization of Resource vulnerability in Phoenixcontact products On Phoenix Contact mGuard Devices versions before 8.8.3 LAN ports get functional after reboot even if they are disabled in the device configuration. | 6.4 |