CVE-2023-3526: PHOENIX CONTACT: Cross-site Scripting vulnerability in TC ROUTER, TC CLOUD CLIENT and CLOUD CLIENT devices
First published: Tue Aug 08 2023(Updated: )
In PHOENIX CONTACTs TC ROUTER and TC CLOUD CLIENT in versions prior to 2.07.2 as well as CLOUD CLIENT 1101T-TX/TX prior to 2.06.10 an unauthenticated remote attacker could use a reflective XSS within the license viewer page of the devices in order to execute code in the context of the user's browser.
Credit: info@cert.vde.com info@cert.vde.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Phoenixcontact Cloud Client 1101t-tx Firmware | <2.06.10 | |
| Phoenixcontact Cloud Client 1101t-tx | ||
| Phoenixcontact Tc Cloud Client 1002-4g Att Firmware | <2.07.2 | |
| Phoenixcontact Tc Cloud Client 1002-4g Att | ||
| Phoenixcontact Tc Cloud Client 1002-4g Firmware | <2.07.2 | |
| Phoenixcontact Tc Cloud Client 1002-4g | ||
| Phoenixcontact Tc Cloud Client 1002-4g Vzw Firmware | <2.07.2 | |
| Phoenixcontact Tc Cloud Client 1002-4g Vzw | ||
| Phoenixcontact Tc Router 3002t-4g Att Firmware | <2.07.2 | |
| Phoenixcontact Tc Router 3002t-4g Att | ||
| Phoenixcontact Tc Router 3002t-4g Firmware | <2.07.2 | |
| Phoenixcontact Tc Router 3002t-4g | ||
| Phoenixcontact Tc Router 3002t-4g Vzw Firmware | <2.07.2 | |
| Phoenixcontact Tc Router 3002t-4g Vzw |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID?
The vulnerability ID is CVE-2023-3526.
What is the severity of CVE-2023-3526?
CVE-2023-3526 has a severity rating of 9.6 (Critical).
Which software versions are affected by CVE-2023-3526?
PHOENIX CONTACTs TC ROUTER and TC CLOUD CLIENT versions prior to 2.07.2, as well as CLOUD CLIENT 1101T-TX/TX prior to 2.06.10, are affected by CVE-2023-3526.
How can an attacker exploit CVE-2023-3526?
An unauthenticated remote attacker can exploit CVE-2023-3526 by using a reflective XSS within the license viewer page of the affected devices to execute code in the context of the user's browser.
Are there any references for CVE-2023-3526?
Yes, you can refer to the following links for more information on CVE-2023-3526: [Packetstorm Security](http://packetstormsecurity.com/files/174152/Phoenix-Contact-TC-Cloud-TC-Router-2.x-XSS-Memory-Consumption.html), [SecLists](http://seclists.org/fulldisclosure/2023/Aug/12), [VDE Advisory](https://cert.vde.com/en/advisories/VDE-2023-017).
- collector/nvd-api
- collector/nvd-index
- agent/author
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/weakness
- agent/title
- agent/severity
- agent/references
- agent/tags
- agent/description
- agent/first-publish-date
- agent/event
- vendor/phoenixcontact
- canonical/phoenixcontact cloud client 1101t-tx firmware
- canonical/phoenixcontact cloud client 1101t-tx
- canonical/phoenixcontact tc cloud client 1002-4g att firmware
- canonical/phoenixcontact tc cloud client 1002-4g att
- canonical/phoenixcontact tc cloud client 1002-4g firmware
- canonical/phoenixcontact tc cloud client 1002-4g
- canonical/phoenixcontact tc cloud client 1002-4g vzw firmware
- canonical/phoenixcontact tc cloud client 1002-4g vzw
- canonical/phoenixcontact tc router 3002t-4g att firmware
- canonical/phoenixcontact tc router 3002t-4g att
- canonical/phoenixcontact tc router 3002t-4g firmware
- canonical/phoenixcontact tc router 3002t-4g
- canonical/phoenixcontact tc router 3002t-4g vzw firmware
- canonical/phoenixcontact tc router 3002t-4g vzw