Search criteria
ⓘ
Use full-text search for keyword queries.
Combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by dates instead of relevance.
28 vulnerabilities found for wp_6121-wxps_firmware by phoenixcontact
CVE-2023-37864 (GCVE-0-2023-37864)
Vulnerability from nvd – Published: 2023-08-09 06:35 – Updated: 2024-10-10 17:34
VLAI?
Title
PHOENIX CONTACT: WP 6xxx Web panels prone to download code without integrity check
Summary
In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 a remote attacker with SNMPv2 write privileges may use an a special SNMP request to gain full access to the device.
Severity ?
7.2 (High)
CWE
- CWE-494 - Download of Code Without Integrity Check
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| PHOENIX CONTACT | WP 6070-WVPS |
Affected:
0 , < 4.0.10
(semver)
|
|||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||
Date Public ?
2023-08-08 06:45
Credits
Gabriele Quagliarella from Nozomi Networks Labs
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T17:23:27.683Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert.vde.com/en/advisories/VDE-2023-018/"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:h:phoenixcontact:wp_6070-wvps:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wp_6070-wvps",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:h:phoenixcontact:wp_6101-wxps:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wp_6101-wxps",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:h:phoenixcontact:wp_6121-wxps:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wp_6121-wxps",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:h:phoenixcontact:wp_6156-whps:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wp_6156-whps",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:h:phoenixcontact:wp_6185-whps:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wp_6185-whps",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:h:phoenixcontact:wp_6215-whps:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wp_6215-whps",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-37864",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-10T17:27:32.978485Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-10T17:34:41.503Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WP 6070-WVPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6101-WXPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6121-WXPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6156-WHPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6185-WHPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6215-WHPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Gabriele Quagliarella from Nozomi Networks Labs"
}
],
"datePublic": "2023-08-08T06:45:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 a remote attacker with SNMPv2 write privileges\u0026nbsp;may use an a special SNMP request to gain full access to the device."
}
],
"value": "In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 a remote attacker with SNMPv2 write privileges\u00a0may use an a special SNMP request to gain full access to the device."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-494",
"description": "CWE-494 Download of Code Without Integrity Check",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-09T06:35:48.425Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://cert.vde.com/en/advisories/VDE-2023-018/"
}
],
"source": {
"advisory": "VDE-2023-018",
"defect": [
"CERT@VDE#64468"
],
"discovery": "EXTERNAL"
},
"title": "PHOENIX CONTACT: WP 6xxx Web panels prone to download code without integrity check",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2023-37864",
"datePublished": "2023-08-09T06:35:48.425Z",
"dateReserved": "2023-07-10T07:53:04.116Z",
"dateUpdated": "2024-10-10T17:34:41.503Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-37863 (GCVE-0-2023-37863)
Vulnerability from nvd – Published: 2023-08-09 06:36 – Updated: 2024-10-10 18:24
VLAI?
Title
PHOENIX CONTACT: OS Command Injection in WP 6xxx Web panels
Summary
In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 a remote attacker with SNMPv2 write privileges may use an a special SNMP request to gain full access to the device.
Severity ?
7.2 (High)
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| PHOENIX CONTACT | WP 6070-WVPS |
Affected:
0 , < 4.0.10
(semver)
|
|||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||
Date Public ?
2023-08-08 06:45
Credits
Gabriele Quagliarella from Nozomi Networks Labs
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T17:23:27.634Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert.vde.com/en/advisories/VDE-2023-018/"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:o:phoenixcontact:wp_6070-wvps_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "wp_6070-wvps_firmware",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:o:phoenixcontact:wp_6101-wxps_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "wp_6101-wxps_firmware",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:o:phoenixcontact:wp_6121-wxps_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "wp_6121-wxps_firmware",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:o:phoenixcontact:wp_6156-whps_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "wp_6156-whps_firmware",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:o:phoenixcontact:wp_6185-whps_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "wp_6185-whps_firmware",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:o:phoenixcontact:wp_6215-whps_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "wp_6215-whps_firmware",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-37863",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-10T17:58:39.456950Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-10T18:24:06.844Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WP 6070-WVPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6101-WXPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6121-WXPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6156-WHPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6185-WHPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6215-WHPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Gabriele Quagliarella from Nozomi Networks Labs"
}
],
"datePublic": "2023-08-08T06:45:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10\u0026nbsp;a remote attacker with SNMPv2 write privileges may use an a special SNMP request to gain full access to the device."
}
],
"value": "In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10\u00a0a remote attacker with SNMPv2 write privileges may use an a special SNMP request to gain full access to the device."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-09T06:36:28.150Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://cert.vde.com/en/advisories/VDE-2023-018/"
}
],
"source": {
"advisory": "VDE-2023-018",
"defect": [
"CERT@VDE#64468"
],
"discovery": "EXTERNAL"
},
"title": "PHOENIX CONTACT: OS Command Injection in WP 6xxx Web panels",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2023-37863",
"datePublished": "2023-08-09T06:36:28.150Z",
"dateReserved": "2023-07-10T07:53:04.116Z",
"dateUpdated": "2024-10-10T18:24:06.844Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-37862 (GCVE-0-2023-37862)
Vulnerability from nvd – Published: 2023-08-09 06:35 – Updated: 2024-10-10 17:43
VLAI?
Title
PHOENIX CONTACT: Missing Authorization in WP 6xxx Web panels
Summary
In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 an unauthenticated remote attacker can access upload-functions of the HTTP API. This might cause certificate errors for SSL-connections and might result in a partial denial-of-service.
Severity ?
8.2 (High)
CWE
- CWE-862 - Missing Authorization
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| PHOENIX CONTACT | WP 6070-WVPS |
Affected:
0 , < 4.0.10
(semver)
|
|||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||
Date Public ?
2023-08-08 06:45
Credits
Gabriele Quagliarella from Nozomi Networks Labs
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T17:23:27.744Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert.vde.com/en/advisories/VDE-2023-018/"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:h:phoenixcontact:wp_6070-wvps:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wp_6070-wvps",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:h:phoenixcontact:wp_6101-wxps:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wp_6101-wxps",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:h:phoenixcontact:wp_6121-wxps:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wp_6121-wxps",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:h:phoenixcontact:wp_6156-whps:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wp_6156-whps",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:h:phoenixcontact:wp_6185-whps:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wp_6185-whps",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:h:phoenixcontact:wp_6215-whps:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wp_6215-whps",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-37862",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-10T17:36:26.292093Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-10T17:43:31.957Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WP 6070-WVPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6101-WXPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6121-WXPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6156-WHPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6185-WHPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6215-WHPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Gabriele Quagliarella from Nozomi Networks Labs"
}
],
"datePublic": "2023-08-08T06:45:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 an unauthenticated remote attacker can access upload-functions of the HTTP API. This might cause certificate errors for SSL-connections and might result in a partial denial-of-service."
}
],
"value": "In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 an unauthenticated remote attacker can access upload-functions of the HTTP API. This might cause certificate errors for SSL-connections and might result in a partial denial-of-service."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-09T06:35:14.704Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://cert.vde.com/en/advisories/VDE-2023-018/"
}
],
"source": {
"advisory": "VDE-2023-018",
"defect": [
"CERT@VDE#64468"
],
"discovery": "EXTERNAL"
},
"title": "PHOENIX CONTACT: Missing Authorization in WP 6xxx Web panels",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2023-37862",
"datePublished": "2023-08-09T06:35:14.704Z",
"dateReserved": "2023-07-10T07:53:04.115Z",
"dateUpdated": "2024-10-10T17:43:31.957Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-37861 (GCVE-0-2023-37861)
Vulnerability from nvd – Published: 2023-08-09 06:34 – Updated: 2024-10-10 17:59
VLAI?
Title
PHOENIX CONTACT: OS Command Injection in WP 6xxx Web panels
Summary
In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 an authenticated remote attacker can execute code with root permissions with a specially crafted HTTP POST when uploading a certificate to the device.
Severity ?
8.8 (High)
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| PHOENIX CONTACT | WP 6070-WVPS |
Affected:
0 , < 4.0.10
(semver)
|
|||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||
Date Public ?
2023-08-08 06:45
Credits
Gabriele Quagliarella from Nozomi Networks Labs
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T17:23:27.639Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert.vde.com/en/advisories/VDE-2023-018/"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:h:phoenixcontact:wp_6070-wvps:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wp_6070-wvps",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:h:phoenixcontact:wp_6101-wxps:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wp_6101-wxps",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:h:phoenixcontact:wp_6121-wxps:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wp_6121-wxps",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:h:phoenixcontact:wp_6156-whps:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wp_6156-whps",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:h:phoenixcontact:wp_6185-whps:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wp_6185-whps",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:h:phoenixcontact:wp_6215-whps:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wp_6215-whps",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-37861",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-10T17:52:10.296158Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-10T17:59:20.403Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WP 6070-WVPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6101-WXPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6121-WXPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6156-WHPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6185-WHPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6215-WHPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Gabriele Quagliarella from Nozomi Networks Labs"
}
],
"datePublic": "2023-08-08T06:45:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 an authenticated remote attacker can execute code with root permissions with a specially crafted HTTP POST when uploading a certificate to the device."
}
],
"value": "In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 an authenticated remote attacker can execute code with root permissions with a specially crafted HTTP POST when uploading a certificate to the device."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-09T06:34:36.113Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://cert.vde.com/en/advisories/VDE-2023-018/"
}
],
"source": {
"advisory": "VDE-2023-018",
"defect": [
"CERT@VDE#64468"
],
"discovery": "EXTERNAL"
},
"title": "PHOENIX CONTACT: OS Command Injection in WP 6xxx Web panels",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2023-37861",
"datePublished": "2023-08-09T06:34:36.113Z",
"dateReserved": "2023-07-10T07:53:04.115Z",
"dateUpdated": "2024-10-10T17:59:20.403Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-37860 (GCVE-0-2023-37860)
Vulnerability from nvd – Published: 2023-08-09 06:34 – Updated: 2024-10-10 17:50
VLAI?
Title
PHOENIX CONTACT: Missing Authorization in WP 6xxx Web panels
Summary
In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 a remote unauthenticated attacker can obtain the r/w community string of the SNMPv2 daemon.
Severity ?
7.5 (High)
CWE
- CWE-862 - Missing Authorization
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| PHOENIX CONTACT | WP 6070-WVPS |
Affected:
0 , < 4.0.10
(semver)
|
|||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||
Date Public ?
2023-08-08 06:45
Credits
Gabriele Quagliarella from Nozomi Networks Labs
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T17:23:27.590Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert.vde.com/en/advisories/VDE-2023-018/"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:h:phoenixcontact:wp_6070-wvps:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wp_6070-wvps",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:h:phoenixcontact:wp_6101-wxps:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wp_6101-wxps",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:h:phoenixcontact:wp_6121-wxps:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wp_6121-wxps",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:h:phoenixcontact:wp_6156-whps:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wp_6156-whps",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:h:phoenixcontact:wp_6185-whps:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wp_6185-whps",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:h:phoenixcontact:wp_6215-whps:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wp_6215-whps",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-37860",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-10T17:44:46.862605Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-10T17:50:45.168Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WP 6070-WVPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6101-WXPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6121-WXPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6156-WHPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6185-WHPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6215-WHPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Gabriele Quagliarella from Nozomi Networks Labs"
}
],
"datePublic": "2023-08-08T06:45:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 a remote unauthenticated attacker can obtain the r/w community string of the SNMPv2 daemon.\u003cbr\u003e"
}
],
"value": "In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 a remote unauthenticated attacker can obtain the r/w community string of the SNMPv2 daemon.\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-25T06:32:01.495Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://cert.vde.com/en/advisories/VDE-2023-018/"
}
],
"source": {
"advisory": "VDE-2023-018",
"defect": [
"CERT@VDE#64468"
],
"discovery": "EXTERNAL"
},
"title": "PHOENIX CONTACT: Missing Authorization in WP 6xxx Web panels",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2023-37860",
"datePublished": "2023-08-09T06:34:56.332Z",
"dateReserved": "2023-07-10T07:53:04.115Z",
"dateUpdated": "2024-10-10T17:50:45.168Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-37859 (GCVE-0-2023-37859)
Vulnerability from nvd – Published: 2023-08-09 06:36 – Updated: 2024-08-02 17:23
VLAI?
Title
PHOENIX CONTACT: Improper Privilege Management in WP 6xxx Web panels
Summary
In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 the SNMP daemon is running with root privileges allowing a remote attacker with knowledge of the SNMPv2 r/w community string to execute system commands as root.
Severity ?
7.2 (High)
CWE
- CWE-269 - Improper Privilege Management
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| PHOENIX CONTACT | WP 6070-WVPS |
Affected:
0 , < 4.0.10
(semver)
|
|||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||
Date Public ?
2023-08-08 06:45
Credits
Gabriele Quagliarella from Nozomi Networks Labs
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T17:23:27.576Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert.vde.com/en/advisories/VDE-2023-018/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WP 6070-WVPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6101-WXPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6121-WXPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6156-WHPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6185-WHPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6215-WHPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Gabriele Quagliarella from Nozomi Networks Labs"
}
],
"datePublic": "2023-08-08T06:45:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 the SNMP daemon is running with root privileges allowing a remote attacker with knowledge of the SNMPv2 r/w community string to execute system commands as root."
}
],
"value": "In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 the SNMP daemon is running with root privileges allowing a remote attacker with knowledge of the SNMPv2 r/w community string to execute system commands as root."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269 Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-09T06:36:07.644Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://cert.vde.com/en/advisories/VDE-2023-018/"
}
],
"source": {
"advisory": "VDE-2023-018",
"defect": [
"CERT@VDE#64468"
],
"discovery": "EXTERNAL"
},
"title": "PHOENIX CONTACT: Improper Privilege Management in WP 6xxx Web panels",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2023-37859",
"datePublished": "2023-08-09T06:36:07.644Z",
"dateReserved": "2023-07-10T07:53:04.115Z",
"dateUpdated": "2024-08-02T17:23:27.576Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-37858 (GCVE-0-2023-37858)
Vulnerability from nvd – Published: 2023-08-09 06:37 – Updated: 2024-08-02 17:23
VLAI?
Title
PHOENIX CONTACT: Use of Hard-coded Credentials in WP 6xxx Web panels
Summary
In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 an authenticated, remote attacker with admin privileges is able to read hardcoded cryptographic keys allowing to decrypt an encrypted web application login password.
Severity ?
4.9 (Medium)
CWE
- CWE-311 - Missing Encryption of Sensitive Data
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| PHOENIX CONTACT | WP 6070-WVPS |
Affected:
0 , < 4.0.10
(semver)
|
|||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||
Date Public ?
2023-08-08 06:45
Credits
Gabriele Quagliarella from Nozomi Networks Labs
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T17:23:27.783Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert.vde.com/en/advisories/VDE-2023-018/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WP 6070-WVPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6101-WXPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6121-WXPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6156-WHPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6185-WHPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6215-WHPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Gabriele Quagliarella from Nozomi Networks Labs"
}
],
"datePublic": "2023-08-08T06:45:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 an authenticated, remote attacker with admin privileges is able to read hardcoded cryptographic keys allowing to decrypt an encrypted web application login password.\u003cbr\u003e\u003cbr\u003e"
}
],
"value": "In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 an authenticated, remote attacker with admin privileges is able to read hardcoded cryptographic keys allowing to decrypt an encrypted web application login password.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-311",
"description": "CWE-311 Missing Encryption of Sensitive Data",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-14T14:34:49.405Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://cert.vde.com/en/advisories/VDE-2023-018/"
}
],
"source": {
"advisory": "VDE-2023-018",
"defect": [
"CERT@VDE#64468"
],
"discovery": "EXTERNAL"
},
"title": "PHOENIX CONTACT: Use of Hard-coded Credentials in WP 6xxx Web panels",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2023-37858",
"datePublished": "2023-08-09T06:37:48.351Z",
"dateReserved": "2023-07-10T07:53:04.115Z",
"dateUpdated": "2024-08-02T17:23:27.783Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-37857 (GCVE-0-2023-37857)
Vulnerability from nvd – Published: 2023-08-09 06:37 – Updated: 2024-10-08 14:56
VLAI?
Title
PHOENIX CONTACT: Use of Hard-coded Credentials in WP 6xxx Web panels
Summary
In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 an authenticated, remote attacker with admin privileges is able to read hardcoded cryptographic keys allowing the attacker to create valid session cookies. These session-cookies created by the attacker are not sufficient to obtain a valid session on the device.
Severity ?
CWE
- CWE-798 - Use of Hard-coded Credentials
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| PHOENIX CONTACT | WP 6070-WVPS |
Affected:
0 , < 4.0.10
(semver)
|
|||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||
Date Public ?
2023-08-08 06:45
Credits
Gabriele Quagliarella from Nozomi Networks Labs
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T17:23:26.887Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert.vde.com/en/advisories/VDE-2023-018/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-37857",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-08T14:43:30.893311Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-08T14:56:47.591Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WP 6070-WVPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6101-WXPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6121-WXPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6156-WHPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6185-WHPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6215-WHPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Gabriele Quagliarella from Nozomi Networks Labs"
}
],
"datePublic": "2023-08-08T06:45:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 an authenticated, remote attacker with admin privileges is able to read hardcoded cryptographic keys allowing the attacker to create valid session cookies. These session-cookies created by the attacker are not sufficient to obtain a valid session on the device.\u003cbr\u003e"
}
],
"value": "In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 an authenticated, remote attacker with admin privileges is able to read hardcoded cryptographic keys allowing the attacker to create valid session cookies. These session-cookies created by the attacker are not sufficient to obtain a valid session on the device.\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.8,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-798",
"description": "CWE-798 Use of Hard-coded Credentials",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-14T09:15:17.696Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://cert.vde.com/en/advisories/VDE-2023-018/"
}
],
"source": {
"advisory": "VDE-2023-018",
"defect": [
"CERT@VDE#64468"
],
"discovery": "EXTERNAL"
},
"title": "PHOENIX CONTACT: Use of Hard-coded Credentials in WP 6xxx Web panels",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2023-37857",
"datePublished": "2023-08-09T06:37:26.551Z",
"dateReserved": "2023-07-10T07:53:04.115Z",
"dateUpdated": "2024-10-08T14:56:47.591Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-37856 (GCVE-0-2023-37856)
Vulnerability from nvd – Published: 2023-08-09 06:36 – Updated: 2024-10-08 15:03
VLAI?
Title
PHOENIX CONTACT: Unauthorized read-access of root filesystem in WP 6xxx Web panels
Summary
In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 a remote attacker with low privileges is able to gain limited read-access to the device-filesystem through a configuration dialog within the embedded Qt browser .
Severity ?
4.3 (Medium)
CWE
- CWE-610 - Externally Controlled Reference to a Resource in Another Sphere
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| PHOENIX CONTACT | WP 6070-WVPS |
Affected:
0 , < 4.0.10
(semver)
|
|||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||
Date Public ?
2023-08-08 06:45
Credits
Gabriele Quagliarella from Nozomi Networks Labs
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T17:23:27.501Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert.vde.com/en/advisories/VDE-2023-018/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-37856",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-08T15:00:14.667489Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-08T15:03:25.682Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WP 6070-WVPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6101-WXPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6121-WXPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6156-WHPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6185-WHPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6215-WHPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Gabriele Quagliarella from Nozomi Networks Labs"
}
],
"datePublic": "2023-08-08T06:45:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eIn PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 a remote attacker with low privileges is able to gain limited read-access to the device-filesystem through a configuration dialog within the embedded Qt browser .\u003c/span\u003e\u003cbr\u003e\u003cbr\u003e"
}
],
"value": "In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 a remote attacker with low privileges is able to gain limited read-access to the device-filesystem through a configuration dialog within the embedded Qt browser .\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-610",
"description": "CWE-610 Externally Controlled Reference to a Resource in Another Sphere",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-09T06:36:49.331Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://cert.vde.com/en/advisories/VDE-2023-018/"
}
],
"source": {
"advisory": "VDE-2023-018",
"defect": [
"CERT@VDE#64468"
],
"discovery": "EXTERNAL"
},
"title": "PHOENIX CONTACT: Unauthorized read-access of root filesystem in WP 6xxx Web panels",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2023-37856",
"datePublished": "2023-08-09T06:36:49.331Z",
"dateReserved": "2023-07-10T07:53:04.115Z",
"dateUpdated": "2024-10-08T15:03:25.682Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-37855 (GCVE-0-2023-37855)
Vulnerability from nvd – Published: 2023-08-09 06:37 – Updated: 2024-10-08 14:57
VLAI?
Title
PHOENIX CONTACT: Unauthorized read-access of root filesystem in WP 6xxx Web panels
Summary
In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 a remote attacker with low privileges is able to gain limited read-access to the device-filesystem within the embedded Qt browser.
Severity ?
4.3 (Medium)
CWE
- CWE-610 - Externally Controlled Reference to a Resource in Another Sphere
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| PHOENIX CONTACT | WP 6070-WVPS |
Affected:
0 , < 4.0.10
(semver)
|
|||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||
Date Public ?
2023-08-08 06:45
Credits
Gabriele Quagliarella from Nozomi Networks Labs
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T17:23:27.787Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert.vde.com/en/advisories/VDE-2023-018/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-37855",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-08T14:43:38.344040Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-08T14:57:56.693Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WP 6070-WVPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6101-WXPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6121-WXPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6156-WHPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6185-WHPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6215-WHPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Gabriele Quagliarella from Nozomi Networks Labs"
}
],
"datePublic": "2023-08-08T06:45:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eIn PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 a remote attacker with low privileges is able to gain limited read-access to the device-filesystem within the embedded Qt browser.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 a remote attacker with low privileges is able to gain limited read-access to the device-filesystem within the embedded Qt browser.\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-610",
"description": "CWE-610 Externally Controlled Reference to a Resource in Another Sphere",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-09T06:37:07.620Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://cert.vde.com/en/advisories/VDE-2023-018/"
}
],
"source": {
"advisory": "VDE-2023-018",
"defect": [
"CERT@VDE#64468"
],
"discovery": "EXTERNAL"
},
"title": "PHOENIX CONTACT: Unauthorized read-access of root filesystem in WP 6xxx Web panels",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2023-37855",
"datePublished": "2023-08-09T06:37:07.620Z",
"dateReserved": "2023-07-10T07:53:04.114Z",
"dateUpdated": "2024-10-08T14:57:56.693Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-3573 (GCVE-0-2023-3573)
Vulnerability from nvd – Published: 2023-08-08 06:51 – Updated: 2024-10-15 19:23
VLAI?
Title
PHOENIX CONTACT: Command Injection in WP 6xxx Web panels
Summary
In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 a remote attacker with low privileges may use a command injection in a HTTP POST request releated to font configuration operations to gain full access to the device.
Severity ?
8.8 (High)
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| PHOENIX CONTACT | WP 6070-WVPS |
Affected:
0 , < 4.0.10
(semver)
|
|||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||
Date Public ?
2023-08-08 06:45
Credits
Gabriele Quagliarella from Nozomi Networks Labs
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:01:57.067Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert.vde.com/en/advisories/VDE-2023-018/"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:h:phoenixcontact:wp_6070-wvps:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "wp_6070-wvps",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:h:phoenixcontact:wp_6101-wxps:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "wp_6101-wxps",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:h:phoenixcontact:wp_6121-wxps:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "wp_6121-wxps",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:h:phoenixcontact:wp_6156-whps:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "wp_6156-whps",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:h:phoenixcontact:wp_6185-whps:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "wp_6185-whps",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:h:phoenixcontact:wp_6215-whps:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "wp_6215-whps",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-3573",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-15T19:19:48.569897Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-15T19:23:30.106Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WP 6070-WVPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6101-WXPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6121-WXPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6156-WHPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6185-WHPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6215-WHPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Gabriele Quagliarella from Nozomi Networks Labs"
}
],
"datePublic": "2023-08-08T06:45:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 a remote attacker with low privileges may use a command injection in a HTTP POST request releated to font configuration operations\u0026nbsp;to gain full access to the device."
}
],
"value": "In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 a remote attacker with low privileges may use a command injection in a HTTP POST request releated to font configuration operations\u00a0to gain full access to the device."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-25T06:08:43.409Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://cert.vde.com/en/advisories/VDE-2023-018/"
}
],
"source": {
"advisory": "VDE-2023-018",
"defect": [
"CERT@VDE#64468"
],
"discovery": "EXTERNAL"
},
"title": "PHOENIX CONTACT: Command Injection in WP 6xxx Web panels",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2023-3573",
"datePublished": "2023-08-08T06:51:34.335Z",
"dateReserved": "2023-07-10T07:53:14.441Z",
"dateUpdated": "2024-10-15T19:23:30.106Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-3572 (GCVE-0-2023-3572)
Vulnerability from nvd – Published: 2023-08-08 06:52 – Updated: 2024-10-15 19:18
VLAI?
Title
PHOENIX CONTACT: OS Command Injection in WP 6xxx Web panels
Summary
In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 a remote, unauthenticated attacker may use an attribute of a specific HTTP POST request releated to date/time operations to gain full access to the device.
Severity ?
10 (Critical)
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| PHOENIX CONTACT | WP 6070-WVPS |
Affected:
0 , < 4.0.10
(semver)
|
|||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||
Date Public ?
2023-08-08 06:45
Credits
Gabriele Quagliarella from Nozomi Networks Labs
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:01:55.922Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert.vde.com/en/advisories/VDE-2023-018/"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:h:phoenixcontact:wp_6070-wvps:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "wp_6070-wvps",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:h:phoenixcontact:wp_6101-wxps:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "wp_6101-wxps",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:h:phoenixcontact:wp_6121-wxps:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "wp_6121-wxps",
"vendor": "phoenixcontact",
"versions": [
{
"lessThanOrEqual": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:h:phoenixcontact:wp_6156-whps:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "wp_6156-whps",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:h:phoenixcontact:wp_6156-whps:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "wp_6156-whps",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:h:phoenixcontact:wp_6185-whps:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "wp_6185-whps",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:h:phoenixcontact:wp_6215-whps:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "wp_6215-whps",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-3572",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-15T19:14:50.910247Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-15T19:18:16.801Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WP 6070-WVPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6101-WXPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6121-WXPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6156-WHPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6185-WHPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6215-WHPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Gabriele Quagliarella from Nozomi Networks Labs"
}
],
"datePublic": "2023-08-08T06:45:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 a remote, unauthenticated attacker may use an attribute of a specific HTTP POST request releated to date/time operations to gain full access to the device."
}
],
"value": "In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 a remote, unauthenticated attacker may use an attribute of a specific HTTP POST request releated to date/time operations to gain full access to the device."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 10,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-08T08:12:15.705Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://cert.vde.com/en/advisories/VDE-2023-018/"
}
],
"source": {
"advisory": "VDE-2023-018",
"defect": [
"CERT@VDE#64468"
],
"discovery": "EXTERNAL"
},
"title": "PHOENIX CONTACT: OS Command Injection in WP 6xxx Web panels",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2023-3572",
"datePublished": "2023-08-08T06:52:29.820Z",
"dateReserved": "2023-07-10T07:53:13.476Z",
"dateUpdated": "2024-10-15T19:18:16.801Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-3571 (GCVE-0-2023-3571)
Vulnerability from nvd – Published: 2023-08-08 06:52 – Updated: 2024-11-04 17:15
VLAI?
Title
PHOENIX CONTACT: OS Command Injection in WP 6xxx Web panels
Summary
In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 a remote attacker with low privileges may use a specific HTTP POST releated to certificate operations to gain full access to the device.
Severity ?
8.8 (High)
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| PHOENIX CONTACT | WP 6070-WVPS |
Affected:
0 , < 4.0.10
(semver)
|
|||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||
Date Public ?
2023-08-08 06:45
Credits
Gabriele Quagliarella from Nozomi Networks Labs
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:01:56.028Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert.vde.com/en/advisories/VDE-2023-018/"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:o:phoenixcontact:wp_6070-wvps_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wp_6070-wvps_firmware",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:o:phoenixcontact:wp_6101-wxps_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wp_6101-wxps_firmware",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:o:phoenixcontact:wp_6121-wxps_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wp_6121-wxps_firmware",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:o:phoenixcontact:wp_6156-whps_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wp_6156-whps_firmware",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:o:phoenixcontact:wp_6185-whps_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wp_6185-whps_firmware",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:o:phoenixcontact:wp_6215-whps_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wp_6215-whps_firmware",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-3571",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-04T17:12:16.527785Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-04T17:15:17.983Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WP 6070-WVPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6101-WXPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6121-WXPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6156-WHPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6185-WHPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6215-WHPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Gabriele Quagliarella from Nozomi Networks Labs"
}
],
"datePublic": "2023-08-08T06:45:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 a remote attacker with low privileges may use a specific HTTP POST releated to certificate operations to gain full access to the device."
}
],
"value": "In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 a remote attacker with low privileges may use a specific HTTP POST releated to certificate operations to gain full access to the device."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-25T06:08:03.818Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://cert.vde.com/en/advisories/VDE-2023-018/"
}
],
"source": {
"advisory": "VDE-2023-018",
"defect": [
"CERT@VDE#64468"
],
"discovery": "EXTERNAL"
},
"title": "PHOENIX CONTACT: OS Command Injection in WP 6xxx Web panels",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2023-3571",
"datePublished": "2023-08-08T06:52:05.745Z",
"dateReserved": "2023-07-10T07:53:12.241Z",
"dateUpdated": "2024-11-04T17:15:17.983Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-3570 (GCVE-0-2023-3570)
Vulnerability from nvd – Published: 2023-08-08 06:52 – Updated: 2024-10-15 19:13
VLAI?
Title
PHOENIX CONTACT: OS Command Injection in WP 6xxx Web panels
Summary
In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 a remote attacker with low privileges may use a specific HTTP DELETE request to gain full access to the device.
Severity ?
8.8 (High)
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| PHOENIX CONTACT | WP 6070-WVPS |
Affected:
0 , < 4.0.10
(semver)
|
|||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||
Date Public ?
2023-08-08 06:45
Credits
Gabriele Quagliarella from Nozomi Networks Labs
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:01:55.948Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert.vde.com/en/advisories/VDE-2023-018/"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:h:phoenixcontact:wp_6070-wvps:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "wp_6070-wvps",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:h:phoenixcontact:wp_6101-wxps:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "wp_6101-wxps",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:h:phoenixcontact:wp_6121-wxps:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "wp_6121-wxps",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:h:phoenixcontact:wp_6156-whps:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "wp_6156-whps",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:h:phoenixcontact:wp_6185-whps:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "wp_6185-whps",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:h:phoenixcontact:wp_6215-whps:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "wp_6215-whps",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-3570",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-15T19:09:27.526246Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-15T19:13:29.756Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WP 6070-WVPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6101-WXPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6121-WXPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6156-WHPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6185-WHPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6215-WHPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Gabriele Quagliarella from Nozomi Networks Labs"
}
],
"datePublic": "2023-08-08T06:45:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 a remote attacker with low privileges may use a specific HTTP DELETE request to gain full access to the device."
}
],
"value": "In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 a remote attacker with low privileges may use a specific HTTP DELETE request to gain full access to the device."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-25T06:07:25.366Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://cert.vde.com/en/advisories/VDE-2023-018/"
}
],
"source": {
"advisory": "VDE-2023-018",
"defect": [
"CERT@VDE#64468"
],
"discovery": "EXTERNAL"
},
"title": "PHOENIX CONTACT: OS Command Injection in WP 6xxx Web panels",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2023-3570",
"datePublished": "2023-08-08T06:52:57.641Z",
"dateReserved": "2023-07-10T07:53:11.063Z",
"dateUpdated": "2024-10-15T19:13:29.756Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-37858 (GCVE-0-2023-37858)
Vulnerability from cvelistv5 – Published: 2023-08-09 06:37 – Updated: 2024-08-02 17:23
VLAI?
Title
PHOENIX CONTACT: Use of Hard-coded Credentials in WP 6xxx Web panels
Summary
In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 an authenticated, remote attacker with admin privileges is able to read hardcoded cryptographic keys allowing to decrypt an encrypted web application login password.
Severity ?
4.9 (Medium)
CWE
- CWE-311 - Missing Encryption of Sensitive Data
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| PHOENIX CONTACT | WP 6070-WVPS |
Affected:
0 , < 4.0.10
(semver)
|
|||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||
Date Public ?
2023-08-08 06:45
Credits
Gabriele Quagliarella from Nozomi Networks Labs
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T17:23:27.783Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert.vde.com/en/advisories/VDE-2023-018/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WP 6070-WVPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6101-WXPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6121-WXPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6156-WHPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6185-WHPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6215-WHPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Gabriele Quagliarella from Nozomi Networks Labs"
}
],
"datePublic": "2023-08-08T06:45:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 an authenticated, remote attacker with admin privileges is able to read hardcoded cryptographic keys allowing to decrypt an encrypted web application login password.\u003cbr\u003e\u003cbr\u003e"
}
],
"value": "In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 an authenticated, remote attacker with admin privileges is able to read hardcoded cryptographic keys allowing to decrypt an encrypted web application login password.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-311",
"description": "CWE-311 Missing Encryption of Sensitive Data",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-14T14:34:49.405Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://cert.vde.com/en/advisories/VDE-2023-018/"
}
],
"source": {
"advisory": "VDE-2023-018",
"defect": [
"CERT@VDE#64468"
],
"discovery": "EXTERNAL"
},
"title": "PHOENIX CONTACT: Use of Hard-coded Credentials in WP 6xxx Web panels",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2023-37858",
"datePublished": "2023-08-09T06:37:48.351Z",
"dateReserved": "2023-07-10T07:53:04.115Z",
"dateUpdated": "2024-08-02T17:23:27.783Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-37857 (GCVE-0-2023-37857)
Vulnerability from cvelistv5 – Published: 2023-08-09 06:37 – Updated: 2024-10-08 14:56
VLAI?
Title
PHOENIX CONTACT: Use of Hard-coded Credentials in WP 6xxx Web panels
Summary
In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 an authenticated, remote attacker with admin privileges is able to read hardcoded cryptographic keys allowing the attacker to create valid session cookies. These session-cookies created by the attacker are not sufficient to obtain a valid session on the device.
Severity ?
CWE
- CWE-798 - Use of Hard-coded Credentials
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| PHOENIX CONTACT | WP 6070-WVPS |
Affected:
0 , < 4.0.10
(semver)
|
|||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||
Date Public ?
2023-08-08 06:45
Credits
Gabriele Quagliarella from Nozomi Networks Labs
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T17:23:26.887Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert.vde.com/en/advisories/VDE-2023-018/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-37857",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-08T14:43:30.893311Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-08T14:56:47.591Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WP 6070-WVPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6101-WXPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6121-WXPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6156-WHPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6185-WHPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6215-WHPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Gabriele Quagliarella from Nozomi Networks Labs"
}
],
"datePublic": "2023-08-08T06:45:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 an authenticated, remote attacker with admin privileges is able to read hardcoded cryptographic keys allowing the attacker to create valid session cookies. These session-cookies created by the attacker are not sufficient to obtain a valid session on the device.\u003cbr\u003e"
}
],
"value": "In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 an authenticated, remote attacker with admin privileges is able to read hardcoded cryptographic keys allowing the attacker to create valid session cookies. These session-cookies created by the attacker are not sufficient to obtain a valid session on the device.\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.8,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-798",
"description": "CWE-798 Use of Hard-coded Credentials",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-14T09:15:17.696Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://cert.vde.com/en/advisories/VDE-2023-018/"
}
],
"source": {
"advisory": "VDE-2023-018",
"defect": [
"CERT@VDE#64468"
],
"discovery": "EXTERNAL"
},
"title": "PHOENIX CONTACT: Use of Hard-coded Credentials in WP 6xxx Web panels",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2023-37857",
"datePublished": "2023-08-09T06:37:26.551Z",
"dateReserved": "2023-07-10T07:53:04.115Z",
"dateUpdated": "2024-10-08T14:56:47.591Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-37855 (GCVE-0-2023-37855)
Vulnerability from cvelistv5 – Published: 2023-08-09 06:37 – Updated: 2024-10-08 14:57
VLAI?
Title
PHOENIX CONTACT: Unauthorized read-access of root filesystem in WP 6xxx Web panels
Summary
In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 a remote attacker with low privileges is able to gain limited read-access to the device-filesystem within the embedded Qt browser.
Severity ?
4.3 (Medium)
CWE
- CWE-610 - Externally Controlled Reference to a Resource in Another Sphere
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| PHOENIX CONTACT | WP 6070-WVPS |
Affected:
0 , < 4.0.10
(semver)
|
|||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||
Date Public ?
2023-08-08 06:45
Credits
Gabriele Quagliarella from Nozomi Networks Labs
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T17:23:27.787Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert.vde.com/en/advisories/VDE-2023-018/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-37855",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-08T14:43:38.344040Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-08T14:57:56.693Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WP 6070-WVPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6101-WXPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6121-WXPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6156-WHPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6185-WHPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6215-WHPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Gabriele Quagliarella from Nozomi Networks Labs"
}
],
"datePublic": "2023-08-08T06:45:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eIn PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 a remote attacker with low privileges is able to gain limited read-access to the device-filesystem within the embedded Qt browser.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 a remote attacker with low privileges is able to gain limited read-access to the device-filesystem within the embedded Qt browser.\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-610",
"description": "CWE-610 Externally Controlled Reference to a Resource in Another Sphere",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-09T06:37:07.620Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://cert.vde.com/en/advisories/VDE-2023-018/"
}
],
"source": {
"advisory": "VDE-2023-018",
"defect": [
"CERT@VDE#64468"
],
"discovery": "EXTERNAL"
},
"title": "PHOENIX CONTACT: Unauthorized read-access of root filesystem in WP 6xxx Web panels",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2023-37855",
"datePublished": "2023-08-09T06:37:07.620Z",
"dateReserved": "2023-07-10T07:53:04.114Z",
"dateUpdated": "2024-10-08T14:57:56.693Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-37856 (GCVE-0-2023-37856)
Vulnerability from cvelistv5 – Published: 2023-08-09 06:36 – Updated: 2024-10-08 15:03
VLAI?
Title
PHOENIX CONTACT: Unauthorized read-access of root filesystem in WP 6xxx Web panels
Summary
In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 a remote attacker with low privileges is able to gain limited read-access to the device-filesystem through a configuration dialog within the embedded Qt browser .
Severity ?
4.3 (Medium)
CWE
- CWE-610 - Externally Controlled Reference to a Resource in Another Sphere
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| PHOENIX CONTACT | WP 6070-WVPS |
Affected:
0 , < 4.0.10
(semver)
|
|||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||
Date Public ?
2023-08-08 06:45
Credits
Gabriele Quagliarella from Nozomi Networks Labs
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T17:23:27.501Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert.vde.com/en/advisories/VDE-2023-018/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-37856",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-08T15:00:14.667489Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-08T15:03:25.682Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WP 6070-WVPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6101-WXPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6121-WXPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6156-WHPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6185-WHPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6215-WHPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Gabriele Quagliarella from Nozomi Networks Labs"
}
],
"datePublic": "2023-08-08T06:45:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eIn PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 a remote attacker with low privileges is able to gain limited read-access to the device-filesystem through a configuration dialog within the embedded Qt browser .\u003c/span\u003e\u003cbr\u003e\u003cbr\u003e"
}
],
"value": "In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 a remote attacker with low privileges is able to gain limited read-access to the device-filesystem through a configuration dialog within the embedded Qt browser .\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-610",
"description": "CWE-610 Externally Controlled Reference to a Resource in Another Sphere",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-09T06:36:49.331Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://cert.vde.com/en/advisories/VDE-2023-018/"
}
],
"source": {
"advisory": "VDE-2023-018",
"defect": [
"CERT@VDE#64468"
],
"discovery": "EXTERNAL"
},
"title": "PHOENIX CONTACT: Unauthorized read-access of root filesystem in WP 6xxx Web panels",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2023-37856",
"datePublished": "2023-08-09T06:36:49.331Z",
"dateReserved": "2023-07-10T07:53:04.115Z",
"dateUpdated": "2024-10-08T15:03:25.682Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-37863 (GCVE-0-2023-37863)
Vulnerability from cvelistv5 – Published: 2023-08-09 06:36 – Updated: 2024-10-10 18:24
VLAI?
Title
PHOENIX CONTACT: OS Command Injection in WP 6xxx Web panels
Summary
In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 a remote attacker with SNMPv2 write privileges may use an a special SNMP request to gain full access to the device.
Severity ?
7.2 (High)
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| PHOENIX CONTACT | WP 6070-WVPS |
Affected:
0 , < 4.0.10
(semver)
|
|||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||
Date Public ?
2023-08-08 06:45
Credits
Gabriele Quagliarella from Nozomi Networks Labs
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T17:23:27.634Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert.vde.com/en/advisories/VDE-2023-018/"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:o:phoenixcontact:wp_6070-wvps_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "wp_6070-wvps_firmware",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:o:phoenixcontact:wp_6101-wxps_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "wp_6101-wxps_firmware",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:o:phoenixcontact:wp_6121-wxps_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "wp_6121-wxps_firmware",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:o:phoenixcontact:wp_6156-whps_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "wp_6156-whps_firmware",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:o:phoenixcontact:wp_6185-whps_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "wp_6185-whps_firmware",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:o:phoenixcontact:wp_6215-whps_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "wp_6215-whps_firmware",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-37863",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-10T17:58:39.456950Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-10T18:24:06.844Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WP 6070-WVPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6101-WXPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6121-WXPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6156-WHPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6185-WHPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6215-WHPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Gabriele Quagliarella from Nozomi Networks Labs"
}
],
"datePublic": "2023-08-08T06:45:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10\u0026nbsp;a remote attacker with SNMPv2 write privileges may use an a special SNMP request to gain full access to the device."
}
],
"value": "In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10\u00a0a remote attacker with SNMPv2 write privileges may use an a special SNMP request to gain full access to the device."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-09T06:36:28.150Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://cert.vde.com/en/advisories/VDE-2023-018/"
}
],
"source": {
"advisory": "VDE-2023-018",
"defect": [
"CERT@VDE#64468"
],
"discovery": "EXTERNAL"
},
"title": "PHOENIX CONTACT: OS Command Injection in WP 6xxx Web panels",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2023-37863",
"datePublished": "2023-08-09T06:36:28.150Z",
"dateReserved": "2023-07-10T07:53:04.116Z",
"dateUpdated": "2024-10-10T18:24:06.844Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-37859 (GCVE-0-2023-37859)
Vulnerability from cvelistv5 – Published: 2023-08-09 06:36 – Updated: 2024-08-02 17:23
VLAI?
Title
PHOENIX CONTACT: Improper Privilege Management in WP 6xxx Web panels
Summary
In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 the SNMP daemon is running with root privileges allowing a remote attacker with knowledge of the SNMPv2 r/w community string to execute system commands as root.
Severity ?
7.2 (High)
CWE
- CWE-269 - Improper Privilege Management
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| PHOENIX CONTACT | WP 6070-WVPS |
Affected:
0 , < 4.0.10
(semver)
|
|||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||
Date Public ?
2023-08-08 06:45
Credits
Gabriele Quagliarella from Nozomi Networks Labs
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T17:23:27.576Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert.vde.com/en/advisories/VDE-2023-018/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WP 6070-WVPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6101-WXPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6121-WXPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6156-WHPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6185-WHPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6215-WHPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Gabriele Quagliarella from Nozomi Networks Labs"
}
],
"datePublic": "2023-08-08T06:45:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 the SNMP daemon is running with root privileges allowing a remote attacker with knowledge of the SNMPv2 r/w community string to execute system commands as root."
}
],
"value": "In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 the SNMP daemon is running with root privileges allowing a remote attacker with knowledge of the SNMPv2 r/w community string to execute system commands as root."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269 Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-09T06:36:07.644Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://cert.vde.com/en/advisories/VDE-2023-018/"
}
],
"source": {
"advisory": "VDE-2023-018",
"defect": [
"CERT@VDE#64468"
],
"discovery": "EXTERNAL"
},
"title": "PHOENIX CONTACT: Improper Privilege Management in WP 6xxx Web panels",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2023-37859",
"datePublished": "2023-08-09T06:36:07.644Z",
"dateReserved": "2023-07-10T07:53:04.115Z",
"dateUpdated": "2024-08-02T17:23:27.576Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-37864 (GCVE-0-2023-37864)
Vulnerability from cvelistv5 – Published: 2023-08-09 06:35 – Updated: 2024-10-10 17:34
VLAI?
Title
PHOENIX CONTACT: WP 6xxx Web panels prone to download code without integrity check
Summary
In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 a remote attacker with SNMPv2 write privileges may use an a special SNMP request to gain full access to the device.
Severity ?
7.2 (High)
CWE
- CWE-494 - Download of Code Without Integrity Check
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| PHOENIX CONTACT | WP 6070-WVPS |
Affected:
0 , < 4.0.10
(semver)
|
|||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||
Date Public ?
2023-08-08 06:45
Credits
Gabriele Quagliarella from Nozomi Networks Labs
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T17:23:27.683Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert.vde.com/en/advisories/VDE-2023-018/"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:h:phoenixcontact:wp_6070-wvps:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wp_6070-wvps",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:h:phoenixcontact:wp_6101-wxps:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wp_6101-wxps",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:h:phoenixcontact:wp_6121-wxps:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wp_6121-wxps",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:h:phoenixcontact:wp_6156-whps:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wp_6156-whps",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:h:phoenixcontact:wp_6185-whps:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wp_6185-whps",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:h:phoenixcontact:wp_6215-whps:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wp_6215-whps",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-37864",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-10T17:27:32.978485Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-10T17:34:41.503Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WP 6070-WVPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6101-WXPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6121-WXPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6156-WHPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6185-WHPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6215-WHPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Gabriele Quagliarella from Nozomi Networks Labs"
}
],
"datePublic": "2023-08-08T06:45:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 a remote attacker with SNMPv2 write privileges\u0026nbsp;may use an a special SNMP request to gain full access to the device."
}
],
"value": "In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 a remote attacker with SNMPv2 write privileges\u00a0may use an a special SNMP request to gain full access to the device."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-494",
"description": "CWE-494 Download of Code Without Integrity Check",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-09T06:35:48.425Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://cert.vde.com/en/advisories/VDE-2023-018/"
}
],
"source": {
"advisory": "VDE-2023-018",
"defect": [
"CERT@VDE#64468"
],
"discovery": "EXTERNAL"
},
"title": "PHOENIX CONTACT: WP 6xxx Web panels prone to download code without integrity check",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2023-37864",
"datePublished": "2023-08-09T06:35:48.425Z",
"dateReserved": "2023-07-10T07:53:04.116Z",
"dateUpdated": "2024-10-10T17:34:41.503Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-37862 (GCVE-0-2023-37862)
Vulnerability from cvelistv5 – Published: 2023-08-09 06:35 – Updated: 2024-10-10 17:43
VLAI?
Title
PHOENIX CONTACT: Missing Authorization in WP 6xxx Web panels
Summary
In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 an unauthenticated remote attacker can access upload-functions of the HTTP API. This might cause certificate errors for SSL-connections and might result in a partial denial-of-service.
Severity ?
8.2 (High)
CWE
- CWE-862 - Missing Authorization
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| PHOENIX CONTACT | WP 6070-WVPS |
Affected:
0 , < 4.0.10
(semver)
|
|||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||
Date Public ?
2023-08-08 06:45
Credits
Gabriele Quagliarella from Nozomi Networks Labs
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T17:23:27.744Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert.vde.com/en/advisories/VDE-2023-018/"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:h:phoenixcontact:wp_6070-wvps:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wp_6070-wvps",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:h:phoenixcontact:wp_6101-wxps:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wp_6101-wxps",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:h:phoenixcontact:wp_6121-wxps:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wp_6121-wxps",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:h:phoenixcontact:wp_6156-whps:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wp_6156-whps",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:h:phoenixcontact:wp_6185-whps:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wp_6185-whps",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:h:phoenixcontact:wp_6215-whps:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wp_6215-whps",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-37862",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-10T17:36:26.292093Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-10T17:43:31.957Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WP 6070-WVPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6101-WXPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6121-WXPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6156-WHPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6185-WHPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6215-WHPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Gabriele Quagliarella from Nozomi Networks Labs"
}
],
"datePublic": "2023-08-08T06:45:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 an unauthenticated remote attacker can access upload-functions of the HTTP API. This might cause certificate errors for SSL-connections and might result in a partial denial-of-service."
}
],
"value": "In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 an unauthenticated remote attacker can access upload-functions of the HTTP API. This might cause certificate errors for SSL-connections and might result in a partial denial-of-service."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-09T06:35:14.704Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://cert.vde.com/en/advisories/VDE-2023-018/"
}
],
"source": {
"advisory": "VDE-2023-018",
"defect": [
"CERT@VDE#64468"
],
"discovery": "EXTERNAL"
},
"title": "PHOENIX CONTACT: Missing Authorization in WP 6xxx Web panels",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2023-37862",
"datePublished": "2023-08-09T06:35:14.704Z",
"dateReserved": "2023-07-10T07:53:04.115Z",
"dateUpdated": "2024-10-10T17:43:31.957Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-37860 (GCVE-0-2023-37860)
Vulnerability from cvelistv5 – Published: 2023-08-09 06:34 – Updated: 2024-10-10 17:50
VLAI?
Title
PHOENIX CONTACT: Missing Authorization in WP 6xxx Web panels
Summary
In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 a remote unauthenticated attacker can obtain the r/w community string of the SNMPv2 daemon.
Severity ?
7.5 (High)
CWE
- CWE-862 - Missing Authorization
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| PHOENIX CONTACT | WP 6070-WVPS |
Affected:
0 , < 4.0.10
(semver)
|
|||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||
Date Public ?
2023-08-08 06:45
Credits
Gabriele Quagliarella from Nozomi Networks Labs
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T17:23:27.590Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert.vde.com/en/advisories/VDE-2023-018/"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:h:phoenixcontact:wp_6070-wvps:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wp_6070-wvps",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:h:phoenixcontact:wp_6101-wxps:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wp_6101-wxps",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:h:phoenixcontact:wp_6121-wxps:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wp_6121-wxps",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:h:phoenixcontact:wp_6156-whps:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wp_6156-whps",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:h:phoenixcontact:wp_6185-whps:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wp_6185-whps",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:h:phoenixcontact:wp_6215-whps:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wp_6215-whps",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-37860",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-10T17:44:46.862605Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-10T17:50:45.168Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WP 6070-WVPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6101-WXPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6121-WXPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6156-WHPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6185-WHPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6215-WHPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Gabriele Quagliarella from Nozomi Networks Labs"
}
],
"datePublic": "2023-08-08T06:45:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 a remote unauthenticated attacker can obtain the r/w community string of the SNMPv2 daemon.\u003cbr\u003e"
}
],
"value": "In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 a remote unauthenticated attacker can obtain the r/w community string of the SNMPv2 daemon.\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-25T06:32:01.495Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://cert.vde.com/en/advisories/VDE-2023-018/"
}
],
"source": {
"advisory": "VDE-2023-018",
"defect": [
"CERT@VDE#64468"
],
"discovery": "EXTERNAL"
},
"title": "PHOENIX CONTACT: Missing Authorization in WP 6xxx Web panels",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2023-37860",
"datePublished": "2023-08-09T06:34:56.332Z",
"dateReserved": "2023-07-10T07:53:04.115Z",
"dateUpdated": "2024-10-10T17:50:45.168Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-37861 (GCVE-0-2023-37861)
Vulnerability from cvelistv5 – Published: 2023-08-09 06:34 – Updated: 2024-10-10 17:59
VLAI?
Title
PHOENIX CONTACT: OS Command Injection in WP 6xxx Web panels
Summary
In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 an authenticated remote attacker can execute code with root permissions with a specially crafted HTTP POST when uploading a certificate to the device.
Severity ?
8.8 (High)
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| PHOENIX CONTACT | WP 6070-WVPS |
Affected:
0 , < 4.0.10
(semver)
|
|||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||
Date Public ?
2023-08-08 06:45
Credits
Gabriele Quagliarella from Nozomi Networks Labs
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T17:23:27.639Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert.vde.com/en/advisories/VDE-2023-018/"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:h:phoenixcontact:wp_6070-wvps:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wp_6070-wvps",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:h:phoenixcontact:wp_6101-wxps:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wp_6101-wxps",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:h:phoenixcontact:wp_6121-wxps:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wp_6121-wxps",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:h:phoenixcontact:wp_6156-whps:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wp_6156-whps",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:h:phoenixcontact:wp_6185-whps:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wp_6185-whps",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:h:phoenixcontact:wp_6215-whps:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wp_6215-whps",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-37861",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-10T17:52:10.296158Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-10T17:59:20.403Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WP 6070-WVPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6101-WXPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6121-WXPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6156-WHPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6185-WHPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6215-WHPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Gabriele Quagliarella from Nozomi Networks Labs"
}
],
"datePublic": "2023-08-08T06:45:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 an authenticated remote attacker can execute code with root permissions with a specially crafted HTTP POST when uploading a certificate to the device."
}
],
"value": "In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 an authenticated remote attacker can execute code with root permissions with a specially crafted HTTP POST when uploading a certificate to the device."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-09T06:34:36.113Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://cert.vde.com/en/advisories/VDE-2023-018/"
}
],
"source": {
"advisory": "VDE-2023-018",
"defect": [
"CERT@VDE#64468"
],
"discovery": "EXTERNAL"
},
"title": "PHOENIX CONTACT: OS Command Injection in WP 6xxx Web panels",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2023-37861",
"datePublished": "2023-08-09T06:34:36.113Z",
"dateReserved": "2023-07-10T07:53:04.115Z",
"dateUpdated": "2024-10-10T17:59:20.403Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-3570 (GCVE-0-2023-3570)
Vulnerability from cvelistv5 – Published: 2023-08-08 06:52 – Updated: 2024-10-15 19:13
VLAI?
Title
PHOENIX CONTACT: OS Command Injection in WP 6xxx Web panels
Summary
In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 a remote attacker with low privileges may use a specific HTTP DELETE request to gain full access to the device.
Severity ?
8.8 (High)
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| PHOENIX CONTACT | WP 6070-WVPS |
Affected:
0 , < 4.0.10
(semver)
|
|||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||
Date Public ?
2023-08-08 06:45
Credits
Gabriele Quagliarella from Nozomi Networks Labs
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:01:55.948Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert.vde.com/en/advisories/VDE-2023-018/"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:h:phoenixcontact:wp_6070-wvps:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "wp_6070-wvps",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:h:phoenixcontact:wp_6101-wxps:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "wp_6101-wxps",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:h:phoenixcontact:wp_6121-wxps:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "wp_6121-wxps",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:h:phoenixcontact:wp_6156-whps:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "wp_6156-whps",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:h:phoenixcontact:wp_6185-whps:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "wp_6185-whps",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:h:phoenixcontact:wp_6215-whps:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "wp_6215-whps",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-3570",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-15T19:09:27.526246Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-15T19:13:29.756Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WP 6070-WVPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6101-WXPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6121-WXPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6156-WHPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6185-WHPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6215-WHPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Gabriele Quagliarella from Nozomi Networks Labs"
}
],
"datePublic": "2023-08-08T06:45:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 a remote attacker with low privileges may use a specific HTTP DELETE request to gain full access to the device."
}
],
"value": "In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 a remote attacker with low privileges may use a specific HTTP DELETE request to gain full access to the device."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-25T06:07:25.366Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://cert.vde.com/en/advisories/VDE-2023-018/"
}
],
"source": {
"advisory": "VDE-2023-018",
"defect": [
"CERT@VDE#64468"
],
"discovery": "EXTERNAL"
},
"title": "PHOENIX CONTACT: OS Command Injection in WP 6xxx Web panels",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2023-3570",
"datePublished": "2023-08-08T06:52:57.641Z",
"dateReserved": "2023-07-10T07:53:11.063Z",
"dateUpdated": "2024-10-15T19:13:29.756Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-3572 (GCVE-0-2023-3572)
Vulnerability from cvelistv5 – Published: 2023-08-08 06:52 – Updated: 2024-10-15 19:18
VLAI?
Title
PHOENIX CONTACT: OS Command Injection in WP 6xxx Web panels
Summary
In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 a remote, unauthenticated attacker may use an attribute of a specific HTTP POST request releated to date/time operations to gain full access to the device.
Severity ?
10 (Critical)
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| PHOENIX CONTACT | WP 6070-WVPS |
Affected:
0 , < 4.0.10
(semver)
|
|||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||
Date Public ?
2023-08-08 06:45
Credits
Gabriele Quagliarella from Nozomi Networks Labs
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:01:55.922Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert.vde.com/en/advisories/VDE-2023-018/"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:h:phoenixcontact:wp_6070-wvps:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "wp_6070-wvps",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:h:phoenixcontact:wp_6101-wxps:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "wp_6101-wxps",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:h:phoenixcontact:wp_6121-wxps:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "wp_6121-wxps",
"vendor": "phoenixcontact",
"versions": [
{
"lessThanOrEqual": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:h:phoenixcontact:wp_6156-whps:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "wp_6156-whps",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:h:phoenixcontact:wp_6156-whps:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "wp_6156-whps",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:h:phoenixcontact:wp_6185-whps:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "wp_6185-whps",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:h:phoenixcontact:wp_6215-whps:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "wp_6215-whps",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-3572",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-15T19:14:50.910247Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-15T19:18:16.801Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WP 6070-WVPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6101-WXPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6121-WXPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6156-WHPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6185-WHPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6215-WHPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Gabriele Quagliarella from Nozomi Networks Labs"
}
],
"datePublic": "2023-08-08T06:45:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 a remote, unauthenticated attacker may use an attribute of a specific HTTP POST request releated to date/time operations to gain full access to the device."
}
],
"value": "In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 a remote, unauthenticated attacker may use an attribute of a specific HTTP POST request releated to date/time operations to gain full access to the device."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 10,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-08T08:12:15.705Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://cert.vde.com/en/advisories/VDE-2023-018/"
}
],
"source": {
"advisory": "VDE-2023-018",
"defect": [
"CERT@VDE#64468"
],
"discovery": "EXTERNAL"
},
"title": "PHOENIX CONTACT: OS Command Injection in WP 6xxx Web panels",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2023-3572",
"datePublished": "2023-08-08T06:52:29.820Z",
"dateReserved": "2023-07-10T07:53:13.476Z",
"dateUpdated": "2024-10-15T19:18:16.801Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-3571 (GCVE-0-2023-3571)
Vulnerability from cvelistv5 – Published: 2023-08-08 06:52 – Updated: 2024-11-04 17:15
VLAI?
Title
PHOENIX CONTACT: OS Command Injection in WP 6xxx Web panels
Summary
In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 a remote attacker with low privileges may use a specific HTTP POST releated to certificate operations to gain full access to the device.
Severity ?
8.8 (High)
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| PHOENIX CONTACT | WP 6070-WVPS |
Affected:
0 , < 4.0.10
(semver)
|
|||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||
Date Public ?
2023-08-08 06:45
Credits
Gabriele Quagliarella from Nozomi Networks Labs
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:01:56.028Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert.vde.com/en/advisories/VDE-2023-018/"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:o:phoenixcontact:wp_6070-wvps_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wp_6070-wvps_firmware",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:o:phoenixcontact:wp_6101-wxps_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wp_6101-wxps_firmware",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:o:phoenixcontact:wp_6121-wxps_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wp_6121-wxps_firmware",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:o:phoenixcontact:wp_6156-whps_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wp_6156-whps_firmware",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:o:phoenixcontact:wp_6185-whps_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wp_6185-whps_firmware",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:o:phoenixcontact:wp_6215-whps_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wp_6215-whps_firmware",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-3571",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-04T17:12:16.527785Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-04T17:15:17.983Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WP 6070-WVPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6101-WXPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6121-WXPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6156-WHPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6185-WHPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6215-WHPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Gabriele Quagliarella from Nozomi Networks Labs"
}
],
"datePublic": "2023-08-08T06:45:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 a remote attacker with low privileges may use a specific HTTP POST releated to certificate operations to gain full access to the device."
}
],
"value": "In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 a remote attacker with low privileges may use a specific HTTP POST releated to certificate operations to gain full access to the device."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-25T06:08:03.818Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://cert.vde.com/en/advisories/VDE-2023-018/"
}
],
"source": {
"advisory": "VDE-2023-018",
"defect": [
"CERT@VDE#64468"
],
"discovery": "EXTERNAL"
},
"title": "PHOENIX CONTACT: OS Command Injection in WP 6xxx Web panels",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2023-3571",
"datePublished": "2023-08-08T06:52:05.745Z",
"dateReserved": "2023-07-10T07:53:12.241Z",
"dateUpdated": "2024-11-04T17:15:17.983Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-3573 (GCVE-0-2023-3573)
Vulnerability from cvelistv5 – Published: 2023-08-08 06:51 – Updated: 2024-10-15 19:23
VLAI?
Title
PHOENIX CONTACT: Command Injection in WP 6xxx Web panels
Summary
In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 a remote attacker with low privileges may use a command injection in a HTTP POST request releated to font configuration operations to gain full access to the device.
Severity ?
8.8 (High)
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| PHOENIX CONTACT | WP 6070-WVPS |
Affected:
0 , < 4.0.10
(semver)
|
|||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||
Date Public ?
2023-08-08 06:45
Credits
Gabriele Quagliarella from Nozomi Networks Labs
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:01:57.067Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert.vde.com/en/advisories/VDE-2023-018/"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:h:phoenixcontact:wp_6070-wvps:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "wp_6070-wvps",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:h:phoenixcontact:wp_6101-wxps:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "wp_6101-wxps",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:h:phoenixcontact:wp_6121-wxps:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "wp_6121-wxps",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:h:phoenixcontact:wp_6156-whps:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "wp_6156-whps",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:h:phoenixcontact:wp_6185-whps:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "wp_6185-whps",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:h:phoenixcontact:wp_6215-whps:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "wp_6215-whps",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-3573",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-15T19:19:48.569897Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-15T19:23:30.106Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WP 6070-WVPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6101-WXPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6121-WXPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6156-WHPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6185-WHPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6215-WHPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Gabriele Quagliarella from Nozomi Networks Labs"
}
],
"datePublic": "2023-08-08T06:45:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 a remote attacker with low privileges may use a command injection in a HTTP POST request releated to font configuration operations\u0026nbsp;to gain full access to the device."
}
],
"value": "In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 a remote attacker with low privileges may use a command injection in a HTTP POST request releated to font configuration operations\u00a0to gain full access to the device."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-25T06:08:43.409Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://cert.vde.com/en/advisories/VDE-2023-018/"
}
],
"source": {
"advisory": "VDE-2023-018",
"defect": [
"CERT@VDE#64468"
],
"discovery": "EXTERNAL"
},
"title": "PHOENIX CONTACT: Command Injection in WP 6xxx Web panels",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2023-3573",
"datePublished": "2023-08-08T06:51:34.335Z",
"dateReserved": "2023-07-10T07:53:14.441Z",
"dateUpdated": "2024-10-15T19:23:30.106Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}