On Phoenix Contact PLCnext Control Devices versions before 2021.0 LTS an authenticated low privileged user could embed malicious Javascript code to gain admin rights when the admin user visits the vulnerable website (local privilege escalation).
oryginał ENCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HPhoenixcontact Axc F 1152
HWPhoenixcontactwszystkie wersjePhoenixcontact Axc F 2152
HWPhoenixcontactwszystkie wersjePhoenixcontact Axc F 2152 Starterkit
HWPhoenixcontactwszystkie wersjePhoenixcontact Axc F 3152
HWPhoenixcontactwszystkie wersjePhoenixcontact Plcnext Firmware
OSPhoenixcontact< 2021.0Phoenixcontact Plcnext Technology Starterkit
HWPhoenixcontactwszystkie wersjePhoenixcontact Rfc 4072s
HWPhoenixcontactwszystkie wersje
Powiązane podatności
A incorrect permission assignment for critical resource vulnerability in PLCnext products allows an remote att...
Multiple Phoenix Contact PLCnext control devices in versions prior to 2021.0.5 LTS are prone to a DoS attack t...
On Phoenix Contact PLCnext Control Devices versions before 2021.0 LTS an attacker can use this vulnerability i...
A download of code without integrity check vulnerability in PLCnext products allows an remote attacker with lo...
On Phoenix Contact PLCnext Control Devices versions before 2021.0 LTS a specially crafted LLDP packet may lead...