cbcvebase.
CVE-2021-21004
published 2021-06-25

CVE-2021-21004: In Phoenix Contact FL SWITCH SMCS series products in multiple versions an attacker may insert malicious code via LLDP frames into the web-based management…

medium6.1CVSS 3.1
AVNACLPRNUIRSCCLILAN
In Phoenix Contact FL SWITCH SMCS series products in multiple versions an attacker may insert malicious code via LLDP frames into the web-based management which could then be executed by the client.

Affected

30 ranges· showing 25
VendorProductVersion rangeFixed in
phoenix_contactfl_natSMN 8TX (2989365) – 4.63
phoenix_contactfl_natSMN 8TX-M (2702443) – 4.63
phoenix_contactfl_switchSMCS 14TX/2FX (2700997) – 4.70
phoenix_contactfl_switchSMCS 14TX/2FX-SM (2701466) – 4.70
phoenix_contactfl_switchSMCS 16TX (2700996) – 4.70
phoenix_contactfl_switchSMCS 4TX-PN (2989093) – 4.70
phoenix_contactfl_switchSMCS 6GT/2SFP (2891479) – 4.70
phoenix_contactfl_switchSMCS 6TX/2SFP (2989323) – 4.70
phoenix_contactfl_switchSMCS 8GT (2891123) – 4.70
phoenix_contactfl_switchSMCS 8TX (2989226) – 4.70
phoenix_contactfl_switchSMCS 8TX-PN (2989103) – 4.70
phoenix_contactfl_switchSMN 6TX/2FX (2989543) – 4.70
phoenix_contactfl_switchSMN 6TX/2FX SM (2989556) – 4.70
phoenix_contactfl_switchSMN 6TX/2POF-PN (2700290) – 4.70
phoenix_contactfl_switchSMN 8TX-PN (2989501) – 4.70
phoenixcontactfl_nat_smn_8tx-m_firmware<= 4.63
phoenixcontactfl_nat_smn_8tx_firmware<= 4.63
phoenixcontactfl_switch_smcs_14tx_2fx-sm_firmware<= 4.70
phoenixcontactfl_switch_smcs_14tx_2fx_firmware<= 4.70
phoenixcontactfl_switch_smcs_16tx_firmware<= 4.70
phoenixcontactfl_switch_smcs_4tx-pn_firmware<= 4.70
phoenixcontactfl_switch_smcs_6gt_2sfp_firmware<= 4.70
phoenixcontactfl_switch_smcs_6tx_2sfp_firmware<= 4.70
phoenixcontactfl_switch_smcs_8gt_firmware<= 4.70
phoenixcontactfl_switch_smcs_8tx-pn_firmware<= 4.70