Design/Logic Flaw

2023-08-0807:15:00

PRIOn knowledge base

www.prio-n.com

phoenix contact

tc router

tc cloud client

cloud client 1101t-tx/tx

authenticated remote attacker

denial-of-service

5.9 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

39.3%

JSON

In PHOENIX CONTACTs TC ROUTER and TC CLOUD CLIENT in versions prior to 2.07.2 as well as CLOUD CLIENT 1101T-TX/TX prior to 2.06.10 an authenticated remote attacker with admin privileges could upload a crafted XML file which causes a denial-of-service.

CPENameOperatorVersion
cloud_client_1101t-tx_firmwarelt2.06.10
tc_cloud_client_1002-4g_att_firmwarelt2.07.2
tc_cloud_client_1002-4g_firmwarelt2.07.2
tc_cloud_client_1002-4g_vzw_firmwarelt2.07.2
tc_router_3002t-4g_att_firmwarelt2.07.2
tc_router_3002t-4g_firmwarelt2.07.2
tc_router_3002t-4g_vzw_firmwarelt2.07.2

Name	Operator	Version
cloud_client_1101t-tx_firmware	lt	2.06.10
tc_cloud_client_1002-4g_att_firmware	lt	2.07.2
tc_cloud_client_1002-4g_firmware	lt	2.07.2
tc_cloud_client_1002-4g_vzw_firmware	lt	2.07.2
tc_router_3002t-4g_att_firmware	lt	2.07.2
tc_router_3002t-4g_firmware	lt	2.07.2
tc_router_3002t-4g_vzw_firmware	lt	2.07.2