漏洞标题
N/A
漏洞描述信息
Phoenix Contact TC ROUTER 3002T-4G through 2.05.3, TC ROUTER 2002T-3G through 2.05.3, TC ROUTER 3002T-4G VZW through 2.05.3, TC ROUTER 3002T-4G ATT through 2.05.3, TC CLOUD CLIENT 1002-4G through 2.03.17, and TC CLOUD CLIENT 1002-TXTX through 1.03.17 devices allow authenticated users to inject system commands through a modified POST request to a specific URL.
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
漏洞类别
N/A
漏洞标题
N/A
漏洞描述信息
PHOENIX CONTACT TC ROUTER 3002T-4G through 2.05.3, TC ROUTER 2002T-3G through 2.05.3, TC ROUTER 3002T-4G VZW through 2.05.3, TC ROUTER 3002T-4G ATT through 2.05.3, TC CLOUD CLIENT 1002-4G through 2.03.17, and TC CLOUD CLIENT 1002-TXTX through 1.03.17 devices allow authenticated users to inject system commands through a modified POST request to a specific URL.
CVSS信息
N/A
漏洞类别
N/A
漏洞标题
多款Phoenix Contact产品操作系统命令注入漏洞
漏洞描述信息
Phoenix Contact TC ROUTER 3002T-4G等都是德国菲尼克斯电气(Phoenix Contact)公司的产品。Phoenix Contact TC ROUTER 3002T-4G是一款工业4G路由器。TC ROUTER 2002T-3G是一款工业3G路由器。TC ROUTER 3002T-4G VZW是一款工业4G路由器。 多款Phoenix Contact产品中存在操作系统命令注入漏洞。攻击者可借助特制请求利用该漏洞在系统上执行任意OS命令。以下产品及版本受到影响:Phoeni
CVSS信息
N/A
漏洞类别
授权问题