CVE-2024-43392

A low privileged remote attacker can perform configuration changes of the firewall services, including packet filter, packet forwarding, network access control or NAT through theFW_INCOMING.FROM_IP FW_INCOMING.IN_IP FW_OUTGOING.FROM_IP FW_OUTGOING.IN_IP  environment variable which can lead to a DoS.
Injection
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
8.1 HIGH
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
CERTVDECNA
8.1 HIGH
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
CISA-ADPADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 54%
VendorProductVersion
phoenixcontacttc_mguard_rs4000_4g_vzw_vpn_firmware
𝑥
< 8.9.3
phoenixcontacttc_mguard_rs4000_4g_vpn_firmware
𝑥
< 8.9.3
phoenixcontacttc_mguard_rs4000_4g_att_vpn_firmware
𝑥
< 8.9.3
phoenixcontacttc_mguard_rs4000_3g_vpn_firmware
𝑥
< 8.9.3
phoenixcontacttc_mguard_rs2000_4g_vzw_vpn_firmware
𝑥
< 8.9.3
phoenixcontacttc_mguard_rs2000_4g_vpn_firmware
𝑥
< 8.9.3
phoenixcontacttc_mguard_rs2000_4g_att_vpn_firmware
𝑥
< 8.9.3
phoenixcontacttc_mguard_rs2000_3g_vpn_firmware
𝑥
< 8.9.3
phoenixcontactfl_mguard_smart2_vpn_firmware
𝑥
< 8.9.3
phoenixcontactfl_mguard_smart2_firmware
𝑥
< 8.9.3
phoenixcontactfl_mguard_rs4004_tx\/dtx_vpn_firmware
𝑥
< 8.9.3
phoenixcontactfl_mguard_rs4004_tx\/dtx_firmware
𝑥
< 8.9.3
phoenixcontactfl_mguard_rs4000_tx\/tx_vpn_firmware
𝑥
< 8.9.3
phoenixcontactfl_mguard_rs4000_tx\/tx-p_firmware
𝑥
< 8.9.3
phoenixcontactfl_mguard_rs4000_tx\/tx-m_firmware
𝑥
< 8.9.3
phoenixcontactfl_mguard_rs4000_tx\/tx_firmware
𝑥
< 8.9.3
phoenixcontactfl_mguard_rs2005_tx_vpn_firmware
𝑥
< 8.9.3
phoenixcontactfl_mguard_rs2000_tx\/tx_vpn_firmware
𝑥
< 8.9.3
phoenixcontactfl_mguard_rs2000_tx\/tx-b_firmware
𝑥
< 8.9.3
phoenixcontactfl_mguard_pcie4000_vpn_firmware
𝑥
< 8.9.3
phoenixcontactfl_mguard_pcie4000_firmware
𝑥
< 8.9.3
phoenixcontactfl_mguard_pci4000_vpn_firmware
𝑥
< 8.9.3
phoenixcontactfl_mguard_pci4000_firmware
𝑥
< 8.9.3
phoenixcontactfl_mguard_gt\/gt_vpn_firmware
𝑥
< 8.9.3
phoenixcontactfl_mguard_gt\/gt_firmware
𝑥
< 8.9.3
phoenixcontactfl_mguard_delta_tx\/tx_vpn_firmware
𝑥
< 8.9.3
phoenixcontactfl_mguard_delta_tx\/tx_firmware
𝑥
< 8.9.3
phoenixcontactfl_mguard_core_tx_vpn_firmware
𝑥
< 8.9.3
phoenixcontactfl_mguard_core_tx_firmware
𝑥
< 8.9.3
phoenixcontactfl_mguard_centerport_vpn-1000_firmware
𝑥
< 8.9.3
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://cert.vde.com/en/advisories/VDE-2024-039