2 matches found
CVE-2023-3570
Affected software: PHOENIX CONTACT WP 6xxx series web panels, versions before 4.0.10. The root cause is an OS command injection/unauthorized command handling allowing a remote attacker with LOW privileges to send a crafted HTTP DELETE request to gain full control of the device. Impact is full dev...
CVE-2023-3570 PHOENIX CONTACT: OS Command Injection in WP 6xxx Web panels
In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 a remote attacker with low privileges may use a specific HTTP DELETE request to gain full access to the device...