Published: 11/12/2017 Updated: 02/01/2018

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

CVSS v3 Base Score: 6.1 | Impact Score: 2.7 | Exploitability Score: 2.8

VMScore: 383

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Subscribe to Fl Comserver Basic 232 Firmware

A Cross-site Scripting issue exists in PHOENIX CONTACT FL COMSERVER BASIC 232/422/485, FL COMSERVER UNI 232/422/485, FL COMSERVER BAS 232/422/485-T, FL COMSERVER UNI 232/422/485-T, FL COM SERVER RS232, FL COM SERVER RS485, and PSI-MODEM/ETH (running firmware versions before 1.99, 2.20, or 2.40). The cross-site scripting vulnerability has been identified, which may allow remote code execution.

Vulnerable Product	Search on Vulmon	Subscribe to Product
phoenixcontact fl_comserver_basic_232_firmware 2.40
phoenixcontact fl_comserver_uni_422_firmware 2.40
phoenixcontact fl_comserver_bas_485-t_firmware 2.40
phoenixcontact fl_com_server_rs232_firmware 1.99
phoenixcontact fl_com_server_rs485_firmware 1.99
phoenixcontact psi-modem\\/eth_firmware 2.20
phoenixcontact fl_comserver_basic_422_firmware 2.40
phoenixcontact fl_comserver_basic_485_firmware 2.40
phoenixcontact fl_comserver_uni_485-t_firmware 2.40
phoenixcontact fl_comserver_uni_485_firmware 2.40
phoenixcontact fl_comserver_uni_232_firmware 2.40
phoenixcontact fl_comserver_bas_422_firmware 2.40
phoenixcontact fl_comserver_bas_232_firmware 2.40

CWE-79 https://ics-cert.us-cert.gov/advisories/ICSA-17-341-03 https://cert.vde.com/de-de/advisories/vde-2017-004 http://www.securityfocus.com/bid/102111 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2017-16723

Vulnerability Summary

Vulnerability Trend

References

Vulmon Search

About

Products

Connect