Vulnerabilities > Phoenixcontact > TC Mguard Rs4000 4G VZW VPN Firmware > Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2024-09-10	CVE-2024-7698	Improper Cross-boundary Removal of Sensitive Data vulnerability in Phoenixcontact products A low privileged remote attacker can get access to CSRF tokens of higher privileged users which can be abused to mount CSRF attacks. network low complexity phoenixcontact CWE-212	5.7
2024-09-10	CVE-2024-7734	Allocation of Resources Without Limits or Throttling vulnerability in Phoenixcontact products An unauthenticated remote attacker can exploit the behavior of the pathfinder TCP encapsulation service by establishing a high number of TCP connections to the pathfinder TCP encapsulation service. network low complexity phoenixcontact CWE-770	5.3
2020-12-17	CVE-2020-12523	Missing Initialization of Resource vulnerability in Phoenixcontact products On Phoenix Contact mGuard Devices versions before 8.8.3 LAN ports get functional after reboot even if they are disabled in the device configuration. network low complexity phoenixcontact CWE-909	6.4

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.