CVE-2021-33540
7.3
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Summary
In certain devices of the Phoenix Contact AXL F BK and IL BK product families an undocumented password protected FTP access to the root directory exists.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Phoenix Contact | AXL F BK | AXL F PN TPS XC (1068857) < 1.30 | affected |
| Phoenix Contact | AXL F BK | AXL F EIP EF (2702782) < 1.30 | affected |
| Phoenix Contact | AXL F BK | AXL F PN TPS (2403869) < 1.30 | affected |
| Phoenix Contact | AXL F BK | AXL F EIP (2688394) < 1.30 | affected |
| Phoenix Contact | AXL F BK | AXL F ETH (2688459) < 1.30 | affected |
| Phoenix Contact | AXL F BK | AXL F ETH XC (2701949) < 1.30 | affected |
| Phoenix Contact | AXL F BK | AXL F S3 (2701686) < 1.40 | affected |
| Phoenix Contact | AXL F BK | AXL F PN (2701815) all revisions | affected |
| Phoenix Contact | AXL F BK | AXL F PN XC (2701222) all revisions | affected |
| Phoenix Contact | AXL F BK | AXL F ETH NET2 (2702177) all revisions | affected |
| Phoenix Contact | AXL F BK | AXL F SAS (2701457) all revisions | affected |
| Phoenix Contact | IL | IL PN BK-PAC (2403696) all revisions | affected |
| Phoenix Contact | IL | IL PN BK DI8 DO4 2TX-PAC (2703994) all revisions | affected |
| Phoenix Contact | IL | IL PN BK DI8 DO4 2SCRJ-PAC (2878379) all revisions | affected |
| Phoenix Contact | IL | IL ETH BK DI8 DO4 2TX-XC-PAC (2701388) all revisions | affected |
| Phoenix Contact | IL | IL ETH BK DI8 DO4 2TX-PAC (2703981) all revisions | affected |
| Phoenix Contact | IL | IL EIP BK DI8 DO4 2TX-PAC (2897758) all revisions | affected |
| Phoenix Contact | IL | IL S3 BK DI8 DO4 2TX-PAC (2692380) all revisions | affected |
Weaknesses
- CWE-798: CWE-798 Use of Hard-coded Credentials
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.