In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 the SNMP daemon is running with root privileges allowing a remote attacker with knowledge of the SNMPv2 r/w community string to execute system commands as root.
                
            References
                    | Link | Resource | 
|---|---|
| https://cert.vde.com/en/advisories/VDE-2023-018/ | Third Party Advisory | 
| https://cert.vde.com/en/advisories/VDE-2023-018/ | Third Party Advisory | 
Configurations
                    Configuration 1 (hide)
| AND | 
 
 | 
Configuration 2 (hide)
| AND | 
 
 | 
Configuration 3 (hide)
| AND | 
 
 | 
Configuration 4 (hide)
| AND | 
 
 | 
Configuration 5 (hide)
| AND | 
 
 | 
Configuration 6 (hide)
| AND | 
 
 | 
History
                    No history.
Information
                Published : 2023-08-09 07:15
Updated : 2024-11-21 08:12
NVD link : CVE-2023-37859
Mitre link : CVE-2023-37859
CVE.ORG link : CVE-2023-37859
JSON object : View
Products Affected
                phoenixcontact
- wp_6156-whps
- wp_6185-whps
- wp_6156-whps_firmware
- wp_6101-wxps
- wp_6121-wxps_firmware
- wp_6070-wvps
- wp_6121-wxps
- wp_6185-whps_firmware
- wp_6101-wxps_firmware
- wp_6215-whps
- wp_6070-wvps_firmware
- wp_6215-whps_firmware
CWE
                
                    
                        
                        CWE-269
                        
            Improper Privilege Management
