CVSS: 8.1EPSS: 0%CPEs: 58EXPL: 0CVE-2018-10728
https://notcve.org/view.php?id=CVE-2018-10728
All Phoenix Contact managed FL SWITCH 3xxx, 4xxx, 48xx products running firmware version 1.0 to 1.33 are prone to buffer overflows (a different vulnerability than CVE-2018-10731). Todos los productos Phoenix Contact managed FL SWITCH 3xxx, 4xxx y 48xx que ejecutan la versión del firmware 1.0 a 1.33 son propensos a desbordamientos de búfer (una vulnerabilidad distinta de CVE-2018-10731). • http://www.securityfocus.com/bid/104231 https://cert.vde.com/de-de/advisories/vde-2018-006 https://ics-cert.us-cert.gov/advisories/ICSA-18-137-02 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 0%CPEs: 58EXPL: 0CVE-2018-10731
https://notcve.org/view.php?id=CVE-2018-10731
All Phoenix Contact managed FL SWITCH 3xxx, 4xxx, 48xx products running firmware version 1.0 to 1.33 are prone to buffer overflows when handling very large cookies (a different vulnerability than CVE-2018-10728). Todos los productos Phoenix Contact managed FL SWITCH 3xxx, 4xxx y 48xx que ejecutan la versión del firmware 1.0 a 1.33 son propensos a desbordamientos de búfer cuando se gestionan cookies muy grandes (una vulnerabilidad distinta de CVE-2018-10728). • http://www.securityfocus.com/bid/104231 https://cert.vde.com/de-de/advisories/vde-2018-007 https://ics-cert.us-cert.gov/advisories/ICSA-18-137-02 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.3EPSS: 0%CPEs: 58EXPL: 0CVE-2018-10729
https://notcve.org/view.php?id=CVE-2018-10729
All Phoenix Contact managed FL SWITCH 3xxx, 4xxx, 48xx products running firmware version 1.0 to 1.33 allow reading the configuration file by an unauthenticated user. Todos los productos Phoenix Contact managed FL SWITCH 3xxx, 4xxx y 48xx que ejecutan la versión del firmware 1.0 a 1.33 permiten la lectura del archivo de configuración por un usuario no autenticado. • http://www.securityfocus.com/bid/104231 https://cert.vde.com/de-de/advisories/vde-2018-005 https://ics-cert.us-cert.gov/advisories/ICSA-18-137-02 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.1EPSS: 0%CPEs: 58EXPL: 0CVE-2018-10730
https://notcve.org/view.php?id=CVE-2018-10730
All Phoenix Contact managed FL SWITCH 3xxx, 4xxx, 48xx products running firmware version 1.0 to 1.33 are prone to OS command injection. Todos los productos Phoenix Contact managed FL SWITCH 3xxx, 4xxx y 48xx que ejecutan la versión del firmware 1.0 a 1.33 son propensos a una inyección de comandos del sistema operativo. • http://www.securityfocus.com/bid/104231 https://cert.vde.com/de-de/advisories/vde-2018-004 https://ics-cert.us-cert.gov/advisories/ICSA-18-137-02 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 5.3EPSS: 0%CPEs: 60EXPL: 0CVE-2017-16741
https://notcve.org/view.php?id=CVE-2017-16741
An Information Exposure issue was discovered in PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, and 48xxx Series products running firmware Version 1.0 to 1.32. A remote unauthenticated attacker may be able to use Monitor Mode on the device to read diagnostic information. Se ha descubierto un problema de exposición de información en productos PHOENIX CONTACT FL SWITCH 3xxx, 4xxx y 48xxx Series que ejecutan las versiones de firmware 1.0 a 1.32. Un atacante remoto no autenticado podría emplear Monitor Mode en el dispositivo para leer información de diagnóstico. • https://cert.vde.com/en-us/advisories/vde-2017-006 https://ics-cert.us-cert.gov/advisories/ICSA-18-011-03 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •