Описание
A low privileged remote attacker can perform configuration changes of the firewall services, including packet filter, packet forwarding, network access control or NAT through the FW_INCOMING.FROM_IP FW_INCOMING.IN_IP FW_OUTGOING.FROM_IP FW_OUTGOING.IN_IP environment variable which can lead to a DoS.
Затрагиваемое ПО
Phoenixcontact Tc mguard rs4000 4g vzw vpn firmwarePhoenixcontact Tc mguard rs4000 4g vzw vpnPhoenixcontact Tc mguard rs4000 4g vpn firmwarePhoenixcontact Tc mguard rs4000 4g vpnPhoenixcontact Tc mguard rs4000 4g att vpn firmwarePhoenixcontact Tc mguard rs4000 4g att vpnPhoenixcontact Tc mguard rs4000 3g vpn firmwarePhoenixcontact Tc mguard rs4000 3g vpnPhoenixcontact Tc mguard rs2000 4g vzw vpn firmwarePhoenixcontact Tc mguard rs2000 4g vzw vpnPhoenixcontact Tc mguard rs2000 4g vpn firmwarePhoenixcontact Tc mguard rs2000 4g vpnPhoenixcontact Tc mguard rs2000 4g att vpn firmwarePhoenixcontact Tc mguard rs2000 4g att vpnPhoenixcontact Tc mguard rs2000 3g vpn firmwarePhoenixcontact Tc mguard rs2000 3g vpnPhoenixcontact Fl mguard smart2 vpn firmwarePhoenixcontact Fl mguard smart2 vpnPhoenixcontact Fl mguard smart2 firmwarePhoenixcontact Fl mguard smart2Phoenixcontact Fl mguard rs4004 tx\/dtx vpn firmwarePhoenixcontact Fl mguard rs4004 tx\/dtx vpnPhoenixcontact Fl mguard rs4004 tx\/dtx firmwarePhoenixcontact Fl mguard rs4004 tx\/dtxPhoenixcontact Fl mguard rs4000 tx\/tx vpn firmware
CVSS
| Балл | 8.1 — высокая |
| Вектор | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H |
Источники
https://cert.vde.com/en/advisories/VDE-2024-039