VYPR
← All advisories
Unrated severityNVD Advisory· Published Mar 18, 2026· Updated Mar 18, 2026

Stack-Based Buffer Overflow in TFTP File-Transfer Command Handling over CLI

CVE-2026-22320

Description

A stack-based buffer overflow in the CLI's TFTP file‑transfer command handling allows a low-privileged attacker with Telnet/SSH access to trigger memory corruption by supplying unexpected or oversized filename input. Exploitation results in the corruption of the internal buffer, causing the CLI and web dashboard to become unavailable and leading to a denial of service.

Affected products

77
  • Phoenix Contact/FL NAT 2008v5
    Range: 0.0.0
  • Phoenix Contact/FL NAT 2208v5
    Range: 0.0.0
  • Phoenix Contact/FL NAT 2304-2GC-2SFPv5
    Range: 0.0.0
  • Phoenix Contact/FL SWITCH 2005v5
    Range: 0.0.0
  • Phoenix Contact/FL SWITCH 2008v5
    Range: 0.0.0
  • Phoenix Contact/FL SWITCH 2008Fv5
    Range: 0.0.0
  • Phoenix Contact/FL SWITCH 2016v5
    Range: 0.0.0
  • Phoenix Contact/FL SWITCH 2105v5
    Range: 0.0.0
  • Phoenix Contact/FL SWITCH 2108v5
    Range: 0.0.0
  • Phoenix Contact/FL SWITCH 2116v5
    Range: 0.0.0
  • Phoenix Contact/FL SWITCH 2204-2TC-2SFXv5
    Range: 0.0.0
  • Phoenix Contact/FL SWITCH 2205v5
    Range: 0.0.0
  • Phoenix Contact/FL SWITCH 2206-2FXv5
    Range: 0.0.0
  • Phoenix Contact/FL SWITCH 2206-2FX SMv5
    Range: 0.0.0
  • Phoenix Contact/FL SWITCH 2206-2FX SM STv5
    Range: 0.0.0
  • Phoenix Contact/FL SWITCH 2206-2FX STv5
    Range: 0.0.0
  • Phoenix Contact/FL SWITCH 2206-2SFXv5
    Range: 0.0.0
  • Phoenix Contact/FL SWITCH 2206-2SFX PNv5
    Range: 0.0.0
  • Phoenix Contact/FL SWITCH 2206C-2FXv5
    Range: 0.0.0
  • Phoenix Contact/FL SWITCH 2207-FXv5
    Range: 0.0.0
  • Phoenix Contact/FL SWITCH 2207-FX SMv5
    Range: 0.0.0
  • Phoenix Contact/FL SWITCH 2208v5
    Range: 0.0.0
  • Phoenix Contact/FL SWITCH 2208Cv5
    Range: 0.0.0
  • Phoenix Contact/FL SWITCH 2208 PNv5
    Range: 0.0.0
  • Phoenix Contact/FL SWITCH 2212-2TC-2SFXv5
    Range: 0.0.0
  • Phoenix Contact/FL SWITCH 2214-2FXv5
    Range: 0.0.0
  • Phoenix Contact/FL SWITCH 2214-2FX SMv5
    Range: 0.0.0
  • Phoenix Contact/FL SWITCH 2214-2SFXv5
    Range: 0.0.0
  • Phoenix Contact/FL SWITCH 2214-2SFX PNv5
    Range: 0.0.0
  • Phoenix Contact/FL SWITCH 2216v5
    Range: 0.0.0
  • Phoenix Contact/FL SWITCH 2216 PNv5
    Range: 0.0.0
  • Phoenix Contact/FL SWITCH 2303-8SP1v5
    Range: 0.0.0
  • Phoenix Contact/FL SWITCH 2304-2GC-2SFPv5
    Range: 0.0.0
  • Phoenix Contact/FL SWITCH 2306-2SFPv5
    Range: 0.0.0
  • Phoenix Contact/FL SWITCH 2306-2SFP PNv5
    Range: 0.0.0
  • Phoenix Contact/FL SWITCH 2308v5
    Range: 0.0.0
  • Phoenix Contact/FL SWITCH 2308 PNv5
    Range: 0.0.0
  • Phoenix Contact/FL SWITCH 2312-2GC-2SFPv5
    Range: 0.0.0
  • Phoenix Contact/FL SWITCH 2314-2SFPv5
    Range: 0.0.0
  • Phoenix Contact/FL SWITCH 2314-2SFP PNv5
    Range: 0.0.0
  • Phoenix Contact/FL SWITCH 2316v5
    Range: 0.0.0
  • Phoenix Contact/FL SWITCH 2316/K1v5
    Range: 0.0.0
  • Phoenix Contact/FL SWITCH 2316 PNv5
    Range: 0.0.0
  • Phoenix Contact/FL SWITCH 2404-2TC-2SFXv5
    Range: 0.0.0
  • Phoenix Contact/FL SWITCH 2406-2SFXv5
    Range: 0.0.0
  • Phoenix Contact/FL SWITCH 2406-2SFX PNv5
    Range: 0.0.0
  • Phoenix Contact/FL SWITCH 2408v5
    Range: 0.0.0
  • Phoenix Contact/FL SWITCH 2408 PNv5
    Range: 0.0.0
  • Phoenix Contact/FL SWITCH 2412-2TC-2SFXv5
    Range: 0.0.0
  • Phoenix Contact/FL SWITCH 2414-2SFXv5
    Range: 0.0.0
  • Phoenix Contact/FL SWITCH 2414-2SFX PNv5
    Range: 0.0.0
  • Phoenix Contact/FL SWITCH 2416v5
    Range: 0.0.0
  • Phoenix Contact/FL SWITCH 2416 PNv5
    Range: 0.0.0
  • Phoenix Contact/FL SWITCH 2504-2GC-2SFPv5
    Range: 0.0.0
  • Phoenix Contact/FL SWITCH 2506-2SFPv5
    Range: 0.0.0
  • Phoenix Contact/FL SWITCH 2506-2SFP/K1v5
    Range: 0.0.0
  • Phoenix Contact/FL SWITCH 2506-2SFP PNv5
    Range: 0.0.0
  • Phoenix Contact/FL SWITCH 2508v5
    Range: 0.0.0
  • Phoenix Contact/FL SWITCH 2508/K1v5
    Range: 0.0.0
  • Phoenix Contact/FL SWITCH 2508 PNv5
    Range: 0.0.0
  • Phoenix Contact/FL SWITCH 2512-2GC-2SFPv5
    Range: 0.0.0
  • Phoenix Contact/FL SWITCH 2514-2SFPv5
    Range: 0.0.0
  • Phoenix Contact/FL SWITCH 2514-2SFP PNv5
    Range: 0.0.0
  • Phoenix Contact/FL SWITCH 2516v5
    Range: 0.0.0
  • Phoenix Contact/FL SWITCH 2516 PNv5
    Range: 0.0.0
  • Phoenix Contact/FL SWITCH 2608v5
    Range: 0.0.0
  • Phoenix Contact/FL SWITCH 2608 PNv5
    Range: 0.0.0
  • Phoenix Contact/FL SWITCH 2708v5
    Range: 0.0.0
  • Phoenix Contact/FL SWITCH 2708 PNv5
    Range: 0.0.0
  • Phoenix Contact/FL SWITCH 5916-8GC-4SFP+v5
    Range: 0.0.0
  • Phoenix Contact/FL SWITCH 5916SFP-8GC-4SFP+v5
    Range: 0.0.0
  • Phoenix Contact/FL SWITCH 5924-4GCv5
    Range: 0.0.0
  • Phoenix Contact/FL SWITCH 5924-4SFP+v5
    Range: 0.0.0
  • Phoenix Contact/FL SWITCH 5924SFP-4GCv5
    Range: 0.0.0
  • Phoenix Contact/FL SWITCH TSN 2312-2GC-2SFPv5
    Range: 0.0.0
  • Phoenix Contact/FL SWITCH TSN 2314-2SFPv5
    Range: 0.0.0
  • Phoenix Contact/FL SWITCH TSN 2316v5
    Range: 0.0.0

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

1

News mentions

0

No linked articles in our index yet.