3 matches found
Phoenix Contact CHARX SEC-3xxx vulnerable to code injection
Overview CHARX SEC-3xxx provided by Phoenix Contact contains the following vulnerability. Code injection CWE-94 - CVE-2025-41699 Ryo Kato of Panasonic Holdings Corporation reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning...
CVE-2025-41699
creationtimestamp| type| source ---|---|--- 2025-10-14 13:43:53+00:00| seen| https://infosec.exchange/users/certvde/statuses/115372814013214488 2025-10-14 13:45:05+00:00| seen| https://bsky.app/profile/certvde.infosec.exchange.ap.brid.gy/post/3m35uerwse5t2...
CVE-2025-41699
Phoenix Contact CHARX SEC-3xxx charging controllers are affected by CVE-2025-41699. The vulnerability is a code injection (CWE-94) that an attacker with a low-privileged remote account for the Web-based management can exploit to change system configuration and perform a root command injection, co...