high
8.8
CWE
78
Advisory Published
Updated

CVE-2024-43385: Phoenix Contact: OS command execution through PROXY_HTTP_PORT in mGuard devices

First published: Tue Sep 10 2024(Updated: )

A low privileged remote attacker can trigger the execution of arbitrary OS commands as root due to improper neutralization of special elements in the variable PROXY_HTTP_PORT in mGuard devices.

Credit: info@cert.vde.com

Affected SoftwareAffected VersionHow to fix
All of
Phoenix Contact TC Mguard RS4000 4G VZW VPN Firmware<8.9.3
Phoenix Contact TC Mguard RS4000 4G VZW VPN Firmware
All of
Phoenix Contact mGuard RS4000 4G VPN<8.9.3
Phoenix Contact mGuard RS4000 4G VPN
All of
Phoenix Contact TC Mguard RS4000 4G AT&T VPN<8.9.3
Phoenix Contact TC Mguard RS4000 4G AT&T VPN
All of
Phoenix Contact mGuard RS4000 3G VPN<8.9.3
Phoenix Contact TC Mguard RS4000 3G VPN
All of
Phoenixcontact Tc Mguard Rs2000 4g Vpn Firmware<8.9.3
Phoenix Contact TC Mguard RS2000 4G VZW VPN
All of
Phoenix Contact TC MGuard RS2000 4G AT&T VPN Firmware<8.9.3
Phoenixcontact Mguard Rs2000 4g Vpn
All of
Phoenix Contact TC MGuard RS2000 4G ATT VPN<8.9.3
Phoenix Contact TC MGuard RS2000 4G AT&T VPN Firmware
All of
Phoenixcontact Tc Mguard Rs2000 3g Vpn<8.9.3
Phoenixcontact Tc Mguard Rs2000 3g Vpn Firmware
All of
Phoenix Contact FL MGUARD SMART2 VPN Firmware<8.9.3
Phoenixcontact FL Mguard Smart2
All of
Phoenixcontact FL Mguard Smart2<8.9.3
Phoenixcontact FL Mguard Smart2
All of
Phoenix Contact FL MGuard RS4004 TX/DX VPN Firmware<8.9.3
Phoenix Contact FL MGuard RS4004 Tx/Dtx VPN
All of
Phoenixcontact Fl Mguard Rs4004 Tx/dtx Firmware<8.9.3
Phoenix Contact FL MGuard RS4004 Tx/Dtx
All of
Phoenixcontact FL Mguard RS4000 TX/TX VPN Firmware<8.9.3
Phoenixcontact FL Mguard RS4000 Tx/TX VPN
All of
Phoenixcontact Fl Mguard Rs4000 Tx/tx-p Firmware<8.9.3
Phoenix Contact FL MGUARD RS4000 TX/TX-P
All of
Phoenix Contact FL MGUARD RS4000 TX/TX-M Firmware<8.9.3
Phoenixcontact Fl Mguard Rs4000 Tx/tx-m
All of
Phoenixcontact Fl Mguard Rs4000 Tx/tx Firmware<8.9.3
Phoenix Contact FL MGuard RS4000 Tx/TX
All of
Phoenix Contact FL MGuard RS2005 TX VPN<8.9.3
Phoenix Contact FL MGuard RS2005 TX VPN
All of
Phoenix Contact FL MGUARD RS2000 TX/TX VPN Firmware<8.9.3
Phoenix Contact FL MGuard RS2000 TX/TX VPN
All of
Phoenixcontact Fl Mguard Rs2000 Tx/tx-b Firmware<8.9.3
Phoenixcontact FL Mguard RS2000 Tx/Tx-b
All of
Phoenix Contact FL Mguard PCIe4000 VPN Firmware<8.9.3
Phoenix Contact FL Mguard PCIe4000 VPN
All of
Phoenixcontact Fl Mguard Pcie4000 Firmware<8.9.3
Phoenix Contact FL MGuard PCIe 4000
All of
Phoenixcontact Mguard Pci4000 Vpn Firmware<8.9.3
Phoenix Contact mGuard PCI4000 VPN
All of
Phoenixcontact Fl Mguard Pcie4000 Firmware<8.9.3
Phoenixcontact FL MGuard PCI4000 VPN
All of
Phoenixcontact FL Mguard GT/GT VPN Firmware<8.9.3
Phoenix Contact FL MGuard GT/GT VPN
All of
Phoenixcontact Fl Mguard Gt/gt Firmware<8.9.3
Phoenix Contact FL MGuard GT/GT
All of
Phoenixcontact Fl Mguard Delta Tx/tx Vpn Firmware<8.9.3
Phoenixcontact FL Mguard Delta TX/TX VPN
All of
Phoenix Contact FL Mguard Delta TX/TX Firmware<8.9.3
Phoenix Contact FL Mguard Delta TX/TX
All of
Phoenix Contact FL MGuard Core TX VPN Firmware<8.9.3
Phoenix Contact FL MGuard Core TX VPN Firmware
All of
Phoenix Contact FL MGuard Core TX Firmware<8.9.3
Phoenix Contact FL Mguard Core Tx
All of
Phoenixcontact Fl Mguard Centerport Vpn-1000<8.9.3
Phoenixcontact Fl Mguard Centerport Vpn-1000 Firmware
All of
Phoenixcontact Fl Mguard 4305<10.4.1
Phoenixcontact Fl Mguard 4305 Firmware
All of
Phoenixcontact FL Mguard 4302 Firmware<10.4.1
Phoenixcontact FL Mguard 4302 Firmware
All of
Phoenix Contact FL MGuard 4102 PCI Firmware<10.4.1
Phoenixcontact FL Mguard 4102 Pcie Firmware
All of
Phoenix Contact FL MGuard 4102 PCI Firmware<10.4.1
Phoenix Contact FL MGuard 4102 PCI
All of
Phoenixcontact Fl Mguard 2105 Firmware<10.4.1
Phoenixcontact Fl Mguard 2105 Firmware
All of
Phoenixcontact Fl Mguard 2102 Firmware<10.4.1
Phoenixcontact Fl Mguard 2102 Firmware

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Frequently Asked Questions

  • What is the severity of CVE-2024-43385?

    CVE-2024-43385 is classified as a low severity vulnerability.

  • How do I fix CVE-2024-43385?

    To fix CVE-2024-43385, update the affected Phoenix Contact mGuard devices to firmware version 8.9.3 or later.

  • What types of devices are affected by CVE-2024-43385?

    CVE-2024-43385 affects various Phoenix Contact mGuard devices, particularly with specific VPN firmware versions.

  • Who can exploit CVE-2024-43385?

    A low privileged remote attacker can exploit CVE-2024-43385 to execute arbitrary OS commands as root.

  • What is the cause of CVE-2024-43385?

    CVE-2024-43385 is caused by improper neutralization of special elements in the variable PROXY_HTTP_PORT.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203