Vulnerabilities > Phoenixcontact > FL Switch Smcs 4TX PN Firmware

DATE CVE VULNERABILITY TITLE RISK
2021-06-25 CVE-2021-21003 Improper Resource Shutdown or Release vulnerability in Phoenixcontact products
In Phoenix Contact FL SWITCH SMCS series products in multiple versions fragmented TCP-Packets may cause a Denial of Service of Web-, SNMP- and ICMP-Echo services.
network
low complexity
phoenixcontact CWE-404
5.0
2021-06-25 CVE-2021-21004 Cross-site Scripting vulnerability in Phoenixcontact products
In Phoenix Contact FL SWITCH SMCS series products in multiple versions an attacker may insert malicious code via LLDP frames into the web-based management which could then be executed by the client.
4.3
2021-06-25 CVE-2021-21005 Race Condition vulnerability in Phoenixcontact products
In Phoenix Contact FL SWITCH SMCS series products in multiple versions if an attacker sends a hand-crafted TCP-Packet with the Urgent-Flag set and the Urgent-Pointer set to 0, the network stack will crash.
network
low complexity
phoenixcontact CWE-362
7.8