Unrated severityNVD Advisory· Published Aug 8, 2023· Updated Feb 27, 2025
PHOENIX CONTACT: Cross-site Scripting vulnerability in TC ROUTER, TC CLOUD CLIENT and CLOUD CLIENT devices
CVE-2023-3526
Description
In PHOENIX CONTACTs TC ROUTER and TC CLOUD CLIENT in versions prior to 2.07.2 as well as CLOUD CLIENT 1101T-TX/TX prior to 2.06.10 an unauthenticated remote attacker could use a reflective XSS within the license viewer page of the devices in order to execute code in the context of the user's browser.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
10- Range: <2.07.2
<2.07.2+ 1 more
- (no CPE)range: <2.07.2
- (no CPE)range: 0
<2.06.10+ 1 more
- (no CPE)range: <2.06.10
- (no CPE)range: 0
0+ 1 more
- (no CPE)range: 0
- (no CPE)range: 0
0+ 2 more
- (no CPE)range: 0
- (no CPE)range: 0
- (no CPE)range: 0
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.