Vulnerability Details CVE-2023-3526
In PHOENIX CONTACTs TC ROUTER and TC CLOUD CLIENT in versions prior to 2.07.2 as well as CLOUD CLIENT 1101T-TX/TX prior to 2.06.10 an unauthenticated remote attacker could use a reflective XSS within the license viewer page of the devices in order to execute code in the context of the user's browser.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.006
EPSS Ranking 69.0%
CVSS Severity
CVSS v3 Score 9.6
References
- http://packetstormsecurity.com/files/174152/Phoenix-Contact-TC-Cloud-TC-Router-2.x-XSS-Memory-Consumption.html
- http://seclists.org/fulldisclosure/2023/Aug/12
- https://cert.vde.com/en/advisories/VDE-2023-017
- http://packetstormsecurity.com/files/174152/Phoenix-Contact-TC-Cloud-TC-Router-2.x-XSS-Memory-Consumption.html
- http://seclists.org/fulldisclosure/2023/Aug/12
- https://cert.vde.com/en/advisories/VDE-2023-017
Products affected by CVE-2023-3526
-
cpe:2.3:h:phoenixcontact:cloud_client_1101t-tx:-
-
cpe:2.3:h:phoenixcontact:tc_cloud_client_1002-4g:-
-
cpe:2.3:h:phoenixcontact:tc_cloud_client_1002-4g_att:-
-
cpe:2.3:h:phoenixcontact:tc_cloud_client_1002-4g_vzw:-
-
cpe:2.3:h:phoenixcontact:tc_router_3002t-4g:-
-
cpe:2.3:h:phoenixcontact:tc_router_3002t-4g_att:-
-
cpe:2.3:h:phoenixcontact:tc_router_3002t-4g_vzw:-
-
cpe:2.3:o:phoenixcontact:cloud_client_1101t-tx_firmware:*
-
cpe:2.3:o:phoenixcontact:tc_cloud_client_1002-4g_att_firmware:*
-
cpe:2.3:o:phoenixcontact:tc_cloud_client_1002-4g_firmware:2.03.17
-
cpe:2.3:o:phoenixcontact:tc_cloud_client_1002-4g_vzw_firmware:*
-
cpe:2.3:o:phoenixcontact:tc_router_3002t-4g_att_firmware:2.05.3
-
cpe:2.3:o:phoenixcontact:tc_router_3002t-4g_firmware:2.05.3
-
cpe:2.3:o:phoenixcontact:tc_router_3002t-4g_vzw_firmware:2.05.3