CVE-2024-43385

Phoenix Contact: OS command execution through PROXY_HTTP_PORT in mGuard devices

Description

A low privileged remote attacker can trigger the execution of arbitrary OS commands as root due to improper neutralization of special elements in the variable PROXY_HTTP_PORT in mGuard devices.

Category

8.8
CVSS
Severity: High
CVSS 3.1 •
EPSS 1.04% Top 25%
Third-Party Advisory vde.com
Affected: PHOENIX CONTACT FL MGUARD 2102
Affected: PHOENIX CONTACT FL MGUARD 2105
Affected: PHOENIX CONTACT FL MGUARD 4102 PCI
Affected: PHOENIX CONTACT FL MGUARD 4102 PCIE
Affected: PHOENIX CONTACT FL MGUARD 4302
Affected: PHOENIX CONTACT FL MGUARD 4305
Affected: PHOENIX CONTACT FL MGUARD CENTERPORT VPN-1000
Affected: PHOENIX CONTACT FL MGUARD CORE TX
Affected: PHOENIX CONTACT FL MGUARD CORE TX VPN
Affected: PHOENIX CONTACT FL MGUARD DELTA TX/TX
Affected: PHOENIX CONTACT FL MGUARD DELTA TX/TX VPN
Affected: PHOENIX CONTACT FL MGUARD GT/GT
Affected: PHOENIX CONTACT FL MGUARD GT/GT VPN
Affected: PHOENIX CONTACT FL MGUARD PCI4000
Affected: PHOENIX CONTACT FL MGUARD PCI4000 VPN
Affected: PHOENIX CONTACT FL MGUARD PCIE4000
Affected: PHOENIX CONTACT FL MGUARD PCIE4000 VPN
Affected: PHOENIX CONTACT FL MGUARD RS2000 TX/TX-B
Affected: PHOENIX CONTACT FL MGUARD RS2000 TX/TX VPN
Affected: PHOENIX CONTACT FL MGUARD RS2005 TX VPN
Affected: PHOENIX CONTACT FL MGUARD RS4000 TX/TX
Affected: PHOENIX CONTACT FL MGUARD RS4000 TX/TX-M
Affected: PHOENIX CONTACT FL MGUARD RS4000 TX/TX-P
Affected: PHOENIX CONTACT FL MGUARD RS4000 TX/TX VPN
Affected: PHOENIX CONTACT FL MGUARD RS4004 TX/DTX
Affected: PHOENIX CONTACT FL MGUARD RS4004 TX/DTX VPN
Affected: PHOENIX CONTACT FL MGUARD SMART2
Affected: PHOENIX CONTACT FL MGUARD SMART2 VPN
Affected: PHOENIX CONTACT TC MGUARD RS2000 3G VPN
Affected: PHOENIX CONTACT TC MGUARD RS2000 4G ATT VPN
Affected: PHOENIX CONTACT TC MGUARD RS2000 4G VPN
Affected: PHOENIX CONTACT TC MGUARD RS2000 4G VZW VPN
Affected: PHOENIX CONTACT TC MGUARD RS4000 3G VPN
Affected: PHOENIX CONTACT TC MGUARD RS4000 4G ATT VPN
Affected: PHOENIX CONTACT TC MGUARD RS4000 4G VPN
Affected: PHOENIX CONTACT TC MGUARD RS4000 4G VZW VPN
Published at:
Updated at:

References

Link Tags
https://cert.vde.com/en/advisories/VDE-2024-039 third party advisory

Frequently Asked Questions

What is the severity of CVE-2024-43385?
CVE-2024-43385 has been scored as a high severity vulnerability.
How to fix CVE-2024-43385?
To fix CVE-2024-43385, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2024-43385 being actively exploited in the wild?
It is possible that CVE-2024-43385 is being exploited or will be exploited in a near future based on public information. According to its EPSS score, there is a ~1% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2024-43385?
CVE-2024-43385 affects PHOENIX CONTACT FL MGUARD 2102, PHOENIX CONTACT FL MGUARD 2105, PHOENIX CONTACT FL MGUARD 4102 PCI, PHOENIX CONTACT FL MGUARD 4102 PCIE, PHOENIX CONTACT FL MGUARD 4302, PHOENIX CONTACT FL MGUARD 4305, PHOENIX CONTACT FL MGUARD CENTERPORT VPN-1000, PHOENIX CONTACT FL MGUARD CORE TX, PHOENIX CONTACT FL MGUARD CORE TX VPN, PHOENIX CONTACT FL MGUARD DELTA TX/TX, PHOENIX CONTACT FL MGUARD DELTA TX/TX VPN, PHOENIX CONTACT FL MGUARD GT/GT, PHOENIX CONTACT FL MGUARD GT/GT VPN, PHOENIX CONTACT FL MGUARD PCI4000, PHOENIX CONTACT FL MGUARD PCI4000 VPN, PHOENIX CONTACT FL MGUARD PCIE4000, PHOENIX CONTACT FL MGUARD PCIE4000 VPN, PHOENIX CONTACT FL MGUARD RS2000 TX/TX-B, PHOENIX CONTACT FL MGUARD RS2000 TX/TX VPN, PHOENIX CONTACT FL MGUARD RS2005 TX VPN, PHOENIX CONTACT FL MGUARD RS4000 TX/TX, PHOENIX CONTACT FL MGUARD RS4000 TX/TX-M, PHOENIX CONTACT FL MGUARD RS4000 TX/TX-P, PHOENIX CONTACT FL MGUARD RS4000 TX/TX VPN, PHOENIX CONTACT FL MGUARD RS4004 TX/DTX, PHOENIX CONTACT FL MGUARD RS4004 TX/DTX VPN, PHOENIX CONTACT FL MGUARD SMART2, PHOENIX CONTACT FL MGUARD SMART2 VPN, PHOENIX CONTACT TC MGUARD RS2000 3G VPN, PHOENIX CONTACT TC MGUARD RS2000 4G ATT VPN, PHOENIX CONTACT TC MGUARD RS2000 4G VPN, PHOENIX CONTACT TC MGUARD RS2000 4G VZW VPN, PHOENIX CONTACT TC MGUARD RS4000 3G VPN, PHOENIX CONTACT TC MGUARD RS4000 4G ATT VPN, PHOENIX CONTACT TC MGUARD RS4000 4G VPN, PHOENIX CONTACT TC MGUARD RS4000 4G VZW VPN.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.