CVE-2024-7699

Summary

An low privileged remote attacker can execute OS commands with root privileges due to improper neutralization of special elements in user data.

Affected Software

VendorProductVersion RangeStatus
PHOENIX CONTACTFL MGUARD 21020 < 10.4.1affected
PHOENIX CONTACTFL MGUARD 21050 < 10.4.1affected
PHOENIX CONTACTFL MGUARD 4102 PCI0 < 10.4.1affected
PHOENIX CONTACTFL MGUARD 4102 PCIE0 < 10.4.1affected
PHOENIX CONTACTFL MGUARD 43020 < 10.4.1affected
PHOENIX CONTACTFL MGUARD 43050 < 10.4.1affected
PHOENIX CONTACTFL MGUARD CENTERPORT VPN-10000 < 8.9.3affected
PHOENIX CONTACTFL MGUARD CORE TX0 < 8.9.3affected
PHOENIX CONTACTFL MGUARD CORE TX VPN0 < 8.9.3affected
PHOENIX CONTACTFL MGUARD DELTA TX/TX0 < 8.9.3affected
PHOENIX CONTACTFL MGUARD DELTA TX/TX VPN0 < 8.9.3affected
PHOENIX CONTACTFL MGUARD GT/GT0 < 8.9.3affected
PHOENIX CONTACTFL MGUARD GT/GT VPN0 < 8.9.3affected
PHOENIX CONTACTFL MGUARD PCI40000 < 8.9.3affected
PHOENIX CONTACTFL MGUARD PCI4000 VPN0 < 8.9.3affected
PHOENIX CONTACTFL MGUARD PCIE40000 < 8.9.3affected
PHOENIX CONTACTFL MGUARD PCIE4000 VPN0 < 8.9.3affected
PHOENIX CONTACTFL MGUARD RS2000 TX/TX-B0 < 8.9.3affected
PHOENIX CONTACTFL MGUARD RS2000 TX/TX VPN0 < 8.9.3affected
PHOENIX CONTACTFL MGUARD RS2005 TX VPN0 < 8.9.3affected
PHOENIX CONTACTFL MGUARD RS4000 TX/TX0 < 8.9.3affected
PHOENIX CONTACTFL MGUARD RS4000 TX/TX-M0 < 8.9.3affected
PHOENIX CONTACTFL MGUARD RS4000 TX/TX-P0 < 8.9.3affected
PHOENIX CONTACTFL MGUARD RS4000 TX/TX VPN0 < 8.9.3affected
PHOENIX CONTACTFL MGUARD RS4004 TX/DTX0 < 8.9.3affected
PHOENIX CONTACTFL MGUARD RS4004 TX/DTX VPN0 < 8.9.3affected
PHOENIX CONTACTFL MGUARD SMART20 < 8.9.3affected
PHOENIX CONTACTFL MGUARD SMART2 VPN0 < 8.9.3affected
PHOENIX CONTACTTC MGUARD RS2000 3G VPN0 < 8.9.3affected
PHOENIX CONTACTTC MGUARD RS2000 4G ATT VPN0 < 8.9.3affected
PHOENIX CONTACTTC MGUARD RS2000 4G VPN0 < 8.9.3affected
PHOENIX CONTACTTC MGUARD RS2000 4G VZW VPN0 < 8.9.3affected
PHOENIX CONTACTTC MGUARD RS4000 3G VPN0 < 8.9.3affected
PHOENIX CONTACTTC MGUARD RS4000 4G ATT VPN0 < 8.9.3affected
PHOENIX CONTACTTC MGUARD RS4000 4G VPN0 < 8.9.3affected
PHOENIX CONTACTTC MGUARD RS4000 4G VZW VPN0 < 8.9.3affected

Weaknesses

  • CWE-78: CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References