Unrated severityNVD Advisory· Published Dec 9, 2025· Updated Dec 9, 2025
Reflected XSS vulnerability in pxc_Dot1xCfg.php
CVE-2025-41748
Description
An XSS vulnerability in pxc_Dot1xCfg.php can be used by an unauthenticated remote attacker to trick an authenticated user to click on the link provided by the attacker in order to change parameters available via web based management (WBM). The vulnerability does not provide access to system-level resources such as operating system internals or privileged functions. Access is limited to device configuration parameters that are available in the context of the web application. The session cookie is secured by the httpOnly Flag. Therefore an attacker is not able to take over the session of an authenticated user.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
690.0.0+ 1 more
- (no CPE)range: 0.0.0
- (no CPE)range: 0.0.0
0.0.0+ 1 more
- (no CPE)range: 0.0.0
- (no CPE)range: 0.0.0
0.0.0+ 33 more
- (no CPE)range: 0.0.0
- (no CPE)range: 0.0.0
- (no CPE)range: 0.0.0
- (no CPE)range: 0.0.0
- (no CPE)range: 0.0.0
- (no CPE)range: 0.0.0
- (no CPE)range: 0.0.0
- (no CPE)range: 0.0.0
- (no CPE)range: 0.0.0
- (no CPE)range: 0.0.0
- (no CPE)range: 0.0.0
- (no CPE)range: 0.0.0
- (no CPE)range: 0.0.0
- (no CPE)range: 0.0.0
- (no CPE)range: 0.0.0
- (no CPE)range: 0.0.0
- (no CPE)range: 0.0.0
- (no CPE)range: 0.0.0
- (no CPE)range: 0.0.0
- (no CPE)range: 0.0.0
- (no CPE)range: 0.0.0
- (no CPE)range: 0.0.0
- (no CPE)range: 0.0.0
- (no CPE)range: 0.0.0
- (no CPE)range: 0.0.0
- (no CPE)range: 0.0.0
- (no CPE)range: 0.0.0
- (no CPE)range: 0.0.0
- (no CPE)range: 0.0.0
- (no CPE)range: 0.0.0
- (no CPE)range: 0.0.0
- (no CPE)range: 0.0.0
- (no CPE)range: 0.0.0
- (no CPE)range: 0.0.0
- Phoenix Contact/FL SWITCH 2204-2TC-2SFXv5Range: 0.0.0
- Phoenix Contact/FL SWITCH 2206-2FX SMv5Range: 0.0.0
- Phoenix Contact/FL SWITCH 2206-2FX SM STv5Range: 0.0.0
- Phoenix Contact/FL SWITCH 2206-2FX STv5Range: 0.0.0
- Phoenix Contact/FL SWITCH 2206-2SFXv5Range: 0.0.0
- Phoenix Contact/FL SWITCH 2206-2SFX PNv5Range: 0.0.0
- Phoenix Contact/FL SWITCH 2206C-2FXv5Range: 0.0.0
- Phoenix Contact/FL SWITCH 2207-FX SMv5Range: 0.0.0
- Phoenix Contact/FL SWITCH 2212-2TC-2SFXv5Range: 0.0.0
- Phoenix Contact/FL SWITCH 2214-2FX SMv5Range: 0.0.0
- Phoenix Contact/FL SWITCH 2214-2SFXv5Range: 0.0.0
- Phoenix Contact/FL SWITCH 2214-2SFX PNv5Range: 0.0.0
- Phoenix Contact/FL SWITCH 2303-8SP1v5Range: 0.0.0
- Phoenix Contact/FL SWITCH 2306-2SFPv5Range: 0.0.0
- Phoenix Contact/FL SWITCH 2306-2SFP PNv5Range: 0.0.0
- Phoenix Contact/FL SWITCH 2312-2GC-2SFPv5Range: 0.0.0
- Phoenix Contact/FL SWITCH 2314-2SFPv5Range: 0.0.0
- Phoenix Contact/FL SWITCH 2314-2SFP PNv5Range: 0.0.0
- Phoenix Contact/FL SWITCH 2404-2TC-2SFXv5Range: 0.0.0
- Phoenix Contact/FL SWITCH 2406-2SFXv5Range: 0.0.0
- Phoenix Contact/FL SWITCH 2406-2SFX PNv5Range: 0.0.0
- Phoenix Contact/FL SWITCH 2412-2TC-2SFXv5Range: 0.0.0
- Phoenix Contact/FL SWITCH 2414-2SFXv5Range: 0.0.0
- Phoenix Contact/FL SWITCH 2414-2SFX PNv5Range: 0.0.0
- Phoenix Contact/FL SWITCH 2504-2GC-2SFPv5Range: 0.0.0
- Phoenix Contact/FL SWITCH 2506-2SFPv5Range: 0.0.0
- Phoenix Contact/FL SWITCH 2506-2SFP/K1v5Range: 0.0.0
- Phoenix Contact/FL SWITCH 2506-2SFP PNv5Range: 0.0.0
- Phoenix Contact/FL SWITCH 2512-2GC-2SFPv5Range: 0.0.0
- Phoenix Contact/FL SWITCH 2514-2SFPv5Range: 0.0.0
- Phoenix Contact/FL SWITCH 2514-2SFP PNv5Range: 0.0.0
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.