CyberDanube2023-08-08T11:11:19+01:00
Title: Multiple Vulnerabilities
Product: Phoenix Contact TC Cloud Client 1002-4G*, TC Router 3002T-4G, Cloud Client 1101T-TX/TX
Vulnerable version: <2.07.2, <2.07.2, <2.06.10
Fixed version: 2.07.2, 2.07.2, 2.06.10
CVE: CVE-2023-3526, CVE-2023-3569
Impact: Medium
Homepage: https://www.phoenixcontact.com/
Found: 2023-05-04
By: A. Resanovic, S. Stockinger, T. Etzenberger
Disclaimer: This vulnerability was discovery during research at St. Pölten UAS, supported and coordinated by CyberDanube.
Phoenix Contact TC Cloud Client, TC Router & Cloud Client are prone to a Stored Cross-Site Scripting (XSS) and Billion laughs attack.
At Phoenix Contact, our approach is innovative, sustainable, and based on...