VYPR
Unrated severityNVD Advisory· Published Aug 8, 2023· Updated Feb 27, 2025

PHOENIX CONTACT: Cross-site Scripting vulnerability in TC ROUTER, TC CLOUD CLIENT and CLOUD CLIENT devices

CVE-2023-3526

Description

In PHOENIX CONTACTs TC ROUTER and TC CLOUD CLIENT in versions prior to 2.07.2 as well as CLOUD CLIENT 1101T-TX/TX prior to 2.06.10 an unauthenticated remote attacker could use a reflective XSS within the license viewer page of the devices in order to execute code in the context of the user's browser.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

10

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.