Support Us — Your donation helps us keep running

Goal: 1000 CNY,Raised: 1000 CNY

100.0%
Donate Now

PHOENIX CONTACT — Vulnerabilities & Security Advisories 142

Browse all 142 CVE security advisories affecting PHOENIX CONTACT. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top 10 Products PHOENIX CONTACT:FL SWITCH 2005CHARX SEC-3000WP 6070-WVPSFL MGUARD 2102CHARX SEC-3150WHA-GW-F2D2-0-AS- Z2-ETHAXC F 1152QUINT4-UPS/24DC/24DC/5/EIPAXC F 1152 (1151412)Phoenix Contact ILC PLCsFL SWITCHAutomation Worx Software SuiteMULTIPROGFL MGUARDAutomation WorxCLOUD CLIENT 1101T-TX/TXConfig+RAD-ISM-900-EN-BD/BENERGY AXC PU (1264327)CHARX SEC-3000 (1139022)ILC 131TC ROUTER 3002T-3GAXL F BK PN TPSDaUMProConOsFL MGUARD CENTERPORTILC 1x0PC WorxFL MGUARD DM (2981974)AXC F
CVE IDTitleCVSSSeverityPaused
CVE-2026-22323 Cross‑Site Request Forgery in Link Aggregation Configuration — FL SWITCH 2005CWE-352 7.1 High2026-03-18
CVE-2026-22322 Stored Cross‑Site Scripting in Link Aggregation Name Handling — FL SWITCH 2005CWE-79 7.1 High2026-03-18
CVE-2026-22321 Stack-Based Buffer Overflow in CLI Login Username Handling over CLI — FL SWITCH 2005CWE-121 5.3 Medium2026-03-18
CVE-2026-22320 Stack-Based Buffer Overflow in TFTP File-Transfer Command Handling over CLI — FL SWITCH 2005CWE-121 6.5 Medium2026-03-18
CVE-2026-22319 Stack-Based Buffer Overflow in File Install Parameter Handling — FL SWITCH 2005CWE-121 4.9 Medium2026-03-18
CVE-2026-22318 Stack-Based Buffer Overflow in File Transfer Parameter Handling — FL SWITCH 2005CWE-121 4.9 Medium2026-03-18
CVE-2026-22317 Command Injection Vulnerability in Root CA Certificate Transfer Workflow — FL SWITCH 2005CWE-77 7.2 High2026-03-18
CVE-2026-22316 Buffer Overflow using TFTP Filename — FL SWITCH 2005CWE-121 6.5 Medium2026-03-18
CVE-2025-41717 Config-Upload Code Injection — TC ROUTER 3002T-3GCWE-94 8.8 High2026-01-13
CVE-2025-41693 Authenticated Denial-of-Service via SSH — FL SWITCH 2005CWE-770 4.3 Medium2025-12-09
CVE-2025-41696 Hardcoded User Password — FL SWITCH 2005CWE-798 4.6 Medium2025-12-09
CVE-2025-41694 Authenticated Denial-of-Service via Webshell — FL SWITCH 2005CWE-770 6.5 Medium2025-12-09
CVE-2025-41692 Weak/Predictable root Password — FL SWITCH 2005CWE-916 6.8 Medium2025-12-09
CVE-2025-41697 Shell access to UART Console — FL SWITCH 2005CWE-1299 6.8 Medium2025-12-09
CVE-2025-41695 Reflected XSS vulnerability in dyn_conn.php — FL SWITCH 2005CWE-79 7.1 High2025-12-09
CVE-2025-41745 Reflected XSS vulnerability in pxc_portCntr2.php — FL SWITCH 2005CWE-79 7.1 High2025-12-09
CVE-2025-41746 Reflected XSS vulnerability in pxc_portSecCfg.php — FL SWITCH 2005CWE-79 7.1 High2025-12-09
CVE-2025-41747 Reflected XSS vulnerability in pxc_vlanIntfCfg.php — FL SWITCH 2005CWE-79 7.1 High2025-12-09
CVE-2025-41748 Reflected XSS vulnerability in pxc_Dot1xCfg.php — FL SWITCH 2005CWE-79 7.1 High2025-12-09
CVE-2025-41749 Reflected XSS vulnerability in port_util.php — FL SWITCH 2005CWE-79 7.1 High2025-12-09
CVE-2025-41750 Reflected XSS vulnerability in pxc_PortCfg.php — FL SWITCH 2005CWE-79 7.1 High2025-12-09
CVE-2025-41751 Reflected XSS vulnerability in pxc_portCntr.php — FL SWITCH 2005CWE-79 7.1 High2025-12-09
CVE-2025-41752 Reflected XSS vulnerability in pxc_portSfp.php — FL SWITCH 2005CWE-79 7.1 High2025-12-09
CVE-2025-41699 Phoenix Contact: Security Advisory for CHARX SEC-3xxx charging controllers — CHARX SEC-3150CWE-94 8.8 High2025-10-14
CVE-2025-41707 Phoenix Contact: WebSocket Handler Denial of Service — QUINT4-UPS/24DC/24DC/5/EIPCWE-120 5.3 Medium2025-10-14
CVE-2025-41706 Phoenix Contact: Webserver Denial of Service through Malformed Content-Length — QUINT4-UPS/24DC/24DC/5/EIPCWE-120 5.3 Medium2025-10-14
CVE-2025-41705 Phoenix Contact: WebSocket Message Interception Leaks Webfrontend Credentials — QUINT4-UPS/24DC/24DC/5/EIPCWE-523 6.8 Medium2025-10-14
CVE-2025-41704 Phoenix Contact: Unauthenticated Modbus Service DoS via Crafted Function Code — QUINT4-UPS/24DC/24DC/5/EIPCWE-770 5.3 Medium2025-10-14
CVE-2025-41703 Phoenix Contact: UPS Shutdown via Unauthenticated Modbus Command — QUINT4-UPS/24DC/24DC/5/EIPCWE-306 7.5 High2025-10-14
CVE-2025-41686 Improper File Permissions Allow Local Privilege Escalation — DaUMCWE-306 7.8 High2025-08-12

This page lists every published CVE security advisory associated with PHOENIX CONTACT. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.