3 matches found
CVE-2023-3571 PHOENIX CONTACT: OS Command Injection in WP 6xxx Web panels
In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 a remote attacker with low privileges may use a specific HTTP POST releated to certificate operations to gain full access to the device...
CVE-2023-3571 PHOENIX CONTACT: OS Command Injection in WP 6xxx Web panels
In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 a remote attacker with low privileges may use a specific HTTP POST releated to certificate operations to gain full access to the device...
CVE-2023-3571
The CVE concerns PHOENIX CONTACT WP 6xxx series web panels (pre-4.0.10). An OS command injection flaw arises from insufficient input handling, allowing a remote, low-privileged attacker to leverage a specific HTTP POST related to certificate operations to gain full device access. Affected: WP 6xx...