In PHOENIX CONTACTs TC ROUTER and TC CLOUD CLIENT in versions before 2.07.2 as well as CLOUD CLIENT 1101T-TX/TX before 2.06.10 an unauthenticated remote attacker could use a reflective XSS within the license viewer page of the devices in order to execute code in the context of the user's browser.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
phoenixcontact cloud_client_1101t-tx_firmware |
||
phoenixcontact tc_cloud_client_1002-4g_att_firmware |
||
phoenixcontact tc_cloud_client_1002-4g_firmware |
||
phoenixcontact tc_cloud_client_1002-4g_vzw_firmware |
||
phoenixcontact tc_router_3002t-4g_att_firmware |
||
phoenixcontact tc_router_3002t-4g_firmware |
||
phoenixcontact tc_router_3002t-4g_vzw_firmware |