A low privileged remote attacker can trigger the execution of arbitrary OS commands as root due to improper neutralization of special elements in the variable EMAIL_NOTIFICATION.TO in mGuard devices.
History

Fri, 27 Sep 2024 20:00:00 +0000

Type Values Removed Values Added
First Time appeared Phoenixcontact fl Mguard 2102
Phoenixcontact fl Mguard 2105
Phoenixcontact fl Mguard 4102 Pci
Phoenixcontact fl Mguard 4102 Pcie
Phoenixcontact fl Mguard 4302
Phoenixcontact fl Mguard 4305
Phoenixcontact fl Mguard Centerport Vpn-1000
Phoenixcontact fl Mguard Core Tx
Phoenixcontact fl Mguard Core Tx Vpn
Phoenixcontact fl Mguard Delta Tx\/tx
Phoenixcontact fl Mguard Delta Tx\/tx Vpn
Phoenixcontact fl Mguard Gt\/gt
Phoenixcontact fl Mguard Gt\/gt Vpn
Phoenixcontact fl Mguard Pci4000
Phoenixcontact fl Mguard Pci4000 Vpn
Phoenixcontact fl Mguard Pcie4000
Phoenixcontact fl Mguard Pcie4000 Vpn
Phoenixcontact fl Mguard Rs2000 Tx\/tx-b
Phoenixcontact fl Mguard Rs2000 Tx\/tx Vpn
Phoenixcontact fl Mguard Rs2005 Tx Vpn
Phoenixcontact fl Mguard Rs4000 Tx\/tx
Phoenixcontact fl Mguard Rs4000 Tx\/tx-m
Phoenixcontact fl Mguard Rs4000 Tx\/tx-p
Phoenixcontact fl Mguard Rs4000 Tx\/tx Vpn
Phoenixcontact fl Mguard Rs4004 Tx\/dtx
Phoenixcontact fl Mguard Rs4004 Tx\/dtx Vpn
Phoenixcontact fl Mguard Smart2
Phoenixcontact fl Mguard Smart2 Vpn
Phoenixcontact tc Mguard Rs2000 3g Vpn
Phoenixcontact tc Mguard Rs2000 4g Att Vpn
Phoenixcontact tc Mguard Rs2000 4g Vpn
Phoenixcontact tc Mguard Rs2000 4g Vzw Vpn
Phoenixcontact tc Mguard Rs4000 3g Vpn
Phoenixcontact tc Mguard Rs4000 4g Att Vpn
Phoenixcontact tc Mguard Rs4000 4g Vpn
Phoenixcontact tc Mguard Rs4000 4g Vzw Vpn
CPEs cpe:2.3:h:phoenixcontact:fl_mguard_2102:-:*:*:*:*:*:*:*
cpe:2.3:h:phoenixcontact:fl_mguard_2105:-:*:*:*:*:*:*:*
cpe:2.3:h:phoenixcontact:fl_mguard_4102_pci:-:*:*:*:*:*:*:*
cpe:2.3:h:phoenixcontact:fl_mguard_4102_pcie:-:*:*:*:*:*:*:*
cpe:2.3:h:phoenixcontact:fl_mguard_4302:-:*:*:*:*:*:*:*
cpe:2.3:h:phoenixcontact:fl_mguard_4305:-:*:*:*:*:*:*:*
cpe:2.3:h:phoenixcontact:fl_mguard_centerport_vpn-1000:-:*:*:*:*:*:*:*
cpe:2.3:h:phoenixcontact:fl_mguard_core_tx:-:*:*:*:*:*:*:*
cpe:2.3:h:phoenixcontact:fl_mguard_core_tx_vpn:-:*:*:*:*:*:*:*
cpe:2.3:h:phoenixcontact:fl_mguard_delta_tx\/tx:-:*:*:*:*:*:*:*
cpe:2.3:h:phoenixcontact:fl_mguard_delta_tx\/tx_vpn:-:*:*:*:*:*:*:*
cpe:2.3:h:phoenixcontact:fl_mguard_gt\/gt:-:*:*:*:*:*:*:*
cpe:2.3:h:phoenixcontact:fl_mguard_gt\/gt_vpn:-:*:*:*:*:*:*:*
cpe:2.3:h:phoenixcontact:fl_mguard_pci4000:-:*:*:*:*:*:*:*
cpe:2.3:h:phoenixcontact:fl_mguard_pci4000_vpn:-:*:*:*:*:*:*:*
cpe:2.3:h:phoenixcontact:fl_mguard_pcie4000:-:*:*:*:*:*:*:*
cpe:2.3:h:phoenixcontact:fl_mguard_pcie4000_vpn:-:*:*:*:*:*:*:*
cpe:2.3:h:phoenixcontact:fl_mguard_rs2000_tx\/tx-b:-:*:*:*:*:*:*:*
cpe:2.3:h:phoenixcontact:fl_mguard_rs2000_tx\/tx_vpn:-:*:*:*:*:*:*:*
cpe:2.3:h:phoenixcontact:fl_mguard_rs2005_tx_vpn:-:*:*:*:*:*:*:*
cpe:2.3:h:phoenixcontact:fl_mguard_rs4000_tx\/tx-m:-:*:*:*:*:*:*:*
cpe:2.3:h:phoenixcontact:fl_mguard_rs4000_tx\/tx-p:-:*:*:*:*:*:*:*
cpe:2.3:h:phoenixcontact:fl_mguard_rs4000_tx\/tx:-:*:*:*:*:*:*:*
cpe:2.3:h:phoenixcontact:fl_mguard_rs4000_tx\/tx_vpn:-:*:*:*:*:*:*:*
cpe:2.3:h:phoenixcontact:fl_mguard_rs4004_tx\/dtx:-:*:*:*:*:*:*:*
cpe:2.3:h:phoenixcontact:fl_mguard_rs4004_tx\/dtx_vpn:-:*:*:*:*:*:*:*
cpe:2.3:h:phoenixcontact:fl_mguard_smart2:-:*:*:*:*:*:*:*
cpe:2.3:h:phoenixcontact:fl_mguard_smart2_vpn:-:*:*:*:*:*:*:*
cpe:2.3:h:phoenixcontact:tc_mguard_rs2000_3g_vpn:-:*:*:*:*:*:*:*
cpe:2.3:h:phoenixcontact:tc_mguard_rs2000_4g_att_vpn:-:*:*:*:*:*:*:*
cpe:2.3:h:phoenixcontact:tc_mguard_rs2000_4g_vpn:-:*:*:*:*:*:*:*
cpe:2.3:h:phoenixcontact:tc_mguard_rs2000_4g_vzw_vpn:-:*:*:*:*:*:*:*
cpe:2.3:h:phoenixcontact:tc_mguard_rs4000_3g_vpn:-:*:*:*:*:*:*:*
cpe:2.3:h:phoenixcontact:tc_mguard_rs4000_4g_att_vpn:-:*:*:*:*:*:*:*
cpe:2.3:h:phoenixcontact:tc_mguard_rs4000_4g_vpn:-:*:*:*:*:*:*:*
cpe:2.3:h:phoenixcontact:tc_mguard_rs4000_4g_vzw_vpn:-:*:*:*:*:*:*:*
cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\/tx-m_firmware:*:*:*:*:*:*:*:*
Vendors & Products Phoenixcontact fl Mguard 2102
Phoenixcontact fl Mguard 2105
Phoenixcontact fl Mguard 4102 Pci
Phoenixcontact fl Mguard 4102 Pcie
Phoenixcontact fl Mguard 4302
Phoenixcontact fl Mguard 4305
Phoenixcontact fl Mguard Centerport Vpn-1000
Phoenixcontact fl Mguard Core Tx
Phoenixcontact fl Mguard Core Tx Vpn
Phoenixcontact fl Mguard Delta Tx\/tx
Phoenixcontact fl Mguard Delta Tx\/tx Vpn
Phoenixcontact fl Mguard Gt\/gt
Phoenixcontact fl Mguard Gt\/gt Vpn
Phoenixcontact fl Mguard Pci4000
Phoenixcontact fl Mguard Pci4000 Vpn
Phoenixcontact fl Mguard Pcie4000
Phoenixcontact fl Mguard Pcie4000 Vpn
Phoenixcontact fl Mguard Rs2000 Tx\/tx-b
Phoenixcontact fl Mguard Rs2000 Tx\/tx Vpn
Phoenixcontact fl Mguard Rs2005 Tx Vpn
Phoenixcontact fl Mguard Rs4000 Tx\/tx
Phoenixcontact fl Mguard Rs4000 Tx\/tx-m
Phoenixcontact fl Mguard Rs4000 Tx\/tx-p
Phoenixcontact fl Mguard Rs4000 Tx\/tx Vpn
Phoenixcontact fl Mguard Rs4004 Tx\/dtx
Phoenixcontact fl Mguard Rs4004 Tx\/dtx Vpn
Phoenixcontact fl Mguard Smart2
Phoenixcontact fl Mguard Smart2 Vpn
Phoenixcontact tc Mguard Rs2000 3g Vpn
Phoenixcontact tc Mguard Rs2000 4g Att Vpn
Phoenixcontact tc Mguard Rs2000 4g Vpn
Phoenixcontact tc Mguard Rs2000 4g Vzw Vpn
Phoenixcontact tc Mguard Rs4000 3g Vpn
Phoenixcontact tc Mguard Rs4000 4g Att Vpn
Phoenixcontact tc Mguard Rs4000 4g Vpn
Phoenixcontact tc Mguard Rs4000 4g Vzw Vpn

Tue, 10 Sep 2024 15:30:00 +0000

Type Values Removed Values Added
First Time appeared Phoenixcontact
Phoenixcontact fl Mguard 2102 Firmware
Phoenixcontact fl Mguard 2105 Firmware
Phoenixcontact fl Mguard 4102 Pci Firmware
Phoenixcontact fl Mguard 4102 Pcie Firmware
Phoenixcontact fl Mguard 4302 Firmware
Phoenixcontact fl Mguard 4305 Firmware
Phoenixcontact fl Mguard Centerport Vpn-1000 Firmware
Phoenixcontact fl Mguard Core Tx Firmware
Phoenixcontact fl Mguard Core Tx Vpn Firmware
Phoenixcontact fl Mguard Delta Tx\/tx Firmware
Phoenixcontact fl Mguard Delta Tx\/tx Vpn Firmware
Phoenixcontact fl Mguard Gt\/gt Firmware
Phoenixcontact fl Mguard Gt\/gt Vpn Firmware
Phoenixcontact fl Mguard Pci4000 Firmware
Phoenixcontact fl Mguard Pci4000 Vpn Firmware
Phoenixcontact fl Mguard Pcie4000 Firmware
Phoenixcontact fl Mguard Pcie4000 Vpn Firmware
Phoenixcontact fl Mguard Rs2000 Tx\/tx-b Firmware
Phoenixcontact fl Mguard Rs2000 Tx\/tx Vpn Firmware
Phoenixcontact fl Mguard Rs2005 Tx Vpn Firmware
Phoenixcontact fl Mguard Rs4000 Tx\/tx-m Firmware
Phoenixcontact fl Mguard Rs4000 Tx\/tx-p Firmware
Phoenixcontact fl Mguard Rs4000 Tx\/tx Firmware
Phoenixcontact fl Mguard Rs4000 Tx\/tx Vpn Firmware
Phoenixcontact fl Mguard Rs4004 Tx\/dtx Firmware
Phoenixcontact fl Mguard Rs4004 Tx\/dtx Vpn Firmware
Phoenixcontact fl Mguard Smart2 Firmware
Phoenixcontact fl Mguard Smart2 Vpn Firmware
Phoenixcontact tc Mguard Rs2000 3g Vpn Firmware
Phoenixcontact tc Mguard Rs2000 4g Att Vpn Firmware
Phoenixcontact tc Mguard Rs2000 4g Vpn Firmware
Phoenixcontact tc Mguard Rs2000 4g Vzw Vpn Firmware
Phoenixcontact tc Mguard Rs4000 3g Vpn Firmware
Phoenixcontact tc Mguard Rs4000 4g Att Vpn Firmware
Phoenixcontact tc Mguard Rs4000 4g Vpn Firmware
Phoenixcontact tc Mguard Rs4000 4g Vzw Vpn Firmware
CPEs cpe:2.3:o:phoenixcontact:fl_mguard_2102_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:phoenixcontact:fl_mguard_2105_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:phoenixcontact:fl_mguard_4102_pci_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:phoenixcontact:fl_mguard_4102_pcie_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:phoenixcontact:fl_mguard_4302_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:phoenixcontact:fl_mguard_4305_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:phoenixcontact:fl_mguard_centerport_vpn-1000_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:phoenixcontact:fl_mguard_core_tx_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:phoenixcontact:fl_mguard_core_tx_vpn_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:phoenixcontact:fl_mguard_delta_tx\/tx_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:phoenixcontact:fl_mguard_delta_tx\/tx_vpn_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:phoenixcontact:fl_mguard_gt\/gt_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:phoenixcontact:fl_mguard_gt\/gt_vpn_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:phoenixcontact:fl_mguard_pci4000_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:phoenixcontact:fl_mguard_pci4000_vpn_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:phoenixcontact:fl_mguard_pcie4000_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:phoenixcontact:fl_mguard_pcie4000_vpn_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:phoenixcontact:fl_mguard_rs2000_tx\/tx-b_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:phoenixcontact:fl_mguard_rs2000_tx\/tx_vpn_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:phoenixcontact:fl_mguard_rs2005_tx_vpn_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\/tx-m_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\/tx-p_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\/tx_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\/tx_vpn_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:phoenixcontact:fl_mguard_rs4004_tx\/dtx_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:phoenixcontact:fl_mguard_rs4004_tx\/dtx_vpn_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:phoenixcontact:fl_mguard_smart2_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:phoenixcontact:fl_mguard_smart2_vpn_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_3g_vpn_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_att_vpn_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_vpn_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_vzw_vpn_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_3g_vpn_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_att_vpn_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_vpn_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_vzw_vpn_firmware:*:*:*:*:*:*:*:*
Vendors & Products Phoenixcontact
Phoenixcontact fl Mguard 2102 Firmware
Phoenixcontact fl Mguard 2105 Firmware
Phoenixcontact fl Mguard 4102 Pci Firmware
Phoenixcontact fl Mguard 4102 Pcie Firmware
Phoenixcontact fl Mguard 4302 Firmware
Phoenixcontact fl Mguard 4305 Firmware
Phoenixcontact fl Mguard Centerport Vpn-1000 Firmware
Phoenixcontact fl Mguard Core Tx Firmware
Phoenixcontact fl Mguard Core Tx Vpn Firmware
Phoenixcontact fl Mguard Delta Tx\/tx Firmware
Phoenixcontact fl Mguard Delta Tx\/tx Vpn Firmware
Phoenixcontact fl Mguard Gt\/gt Firmware
Phoenixcontact fl Mguard Gt\/gt Vpn Firmware
Phoenixcontact fl Mguard Pci4000 Firmware
Phoenixcontact fl Mguard Pci4000 Vpn Firmware
Phoenixcontact fl Mguard Pcie4000 Firmware
Phoenixcontact fl Mguard Pcie4000 Vpn Firmware
Phoenixcontact fl Mguard Rs2000 Tx\/tx-b Firmware
Phoenixcontact fl Mguard Rs2000 Tx\/tx Vpn Firmware
Phoenixcontact fl Mguard Rs2005 Tx Vpn Firmware
Phoenixcontact fl Mguard Rs4000 Tx\/tx-m Firmware
Phoenixcontact fl Mguard Rs4000 Tx\/tx-p Firmware
Phoenixcontact fl Mguard Rs4000 Tx\/tx Firmware
Phoenixcontact fl Mguard Rs4000 Tx\/tx Vpn Firmware
Phoenixcontact fl Mguard Rs4004 Tx\/dtx Firmware
Phoenixcontact fl Mguard Rs4004 Tx\/dtx Vpn Firmware
Phoenixcontact fl Mguard Smart2 Firmware
Phoenixcontact fl Mguard Smart2 Vpn Firmware
Phoenixcontact tc Mguard Rs2000 3g Vpn Firmware
Phoenixcontact tc Mguard Rs2000 4g Att Vpn Firmware
Phoenixcontact tc Mguard Rs2000 4g Vpn Firmware
Phoenixcontact tc Mguard Rs2000 4g Vzw Vpn Firmware
Phoenixcontact tc Mguard Rs4000 3g Vpn Firmware
Phoenixcontact tc Mguard Rs4000 4g Att Vpn Firmware
Phoenixcontact tc Mguard Rs4000 4g Vpn Firmware
Phoenixcontact tc Mguard Rs4000 4g Vzw Vpn Firmware
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Tue, 10 Sep 2024 08:45:00 +0000

Type Values Removed Values Added
Description A low privileged remote attacker can trigger the execution of arbitrary OS commands as root due to improper neutralization of special elements in the variable EMAIL_NOTIFICATION.TO in mGuard devices.
Title Phoenix Contact: OS command execution through EMAIL_NOTIFICATION.TO in mGuard devices.
Weaknesses CWE-78
References
Metrics cvssV3_1

{'score': 8.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}


cve-icon MITRE

Status: PUBLISHED

Assigner: CERTVDE

Published: 2024-09-10T08:43:41.392Z

Updated: 2024-09-10T14:25:13.169Z

Reserved: 2024-08-12T08:30:16.359Z

Link: CVE-2024-43386

cve-icon Vulnrichment

Updated: 2024-09-10T14:23:52.153Z

cve-icon NVD

Status : Analyzed

Published: 2024-09-10T09:15:04.400

Modified: 2024-09-27T19:33:22.077

Link: CVE-2024-43386

cve-icon Redhat

No data.