Design/Logic Flaw

2023-08-0807:15:00

PRIOn knowledge base

www.prio-n.com

phoenix contact; tc router; tc cloud client; cloud client 1101t-tx/tx; unauthenticated; reflective xss; remote attacker; code execution

9.1 High

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

66.1%

JSON

In PHOENIX CONTACTs TC ROUTER and TC CLOUD CLIENT in versions prior to 2.07.2 as well as CLOUD CLIENT 1101T-TX/TX prior to 2.06.10 an unauthenticated remote attacker could use a reflective XSS within the license viewer page of the devices in order to execute code in the context of the user’s browser.

CPENameOperatorVersion
cloud_client_1101t-tx_firmwarelt2.06.10
tc_cloud_client_1002-4g_att_firmwarelt2.07.2
tc_cloud_client_1002-4g_firmwarelt2.07.2
tc_cloud_client_1002-4g_vzw_firmwarelt2.07.2
tc_router_3002t-4g_att_firmwarelt2.07.2
tc_router_3002t-4g_firmwarelt2.07.2
tc_router_3002t-4g_vzw_firmwarelt2.07.2

Name	Operator	Version
cloud_client_1101t-tx_firmware	lt	2.06.10
tc_cloud_client_1002-4g_att_firmware	lt	2.07.2
tc_cloud_client_1002-4g_firmware	lt	2.07.2
tc_cloud_client_1002-4g_vzw_firmware	lt	2.07.2
tc_router_3002t-4g_att_firmware	lt	2.07.2
tc_router_3002t-4g_firmware	lt	2.07.2
tc_router_3002t-4g_vzw_firmware	lt	2.07.2