CVE-2025-41749
- EPSS 0.1%
- Veröffentlicht 09.12.2025 08:08:36
- Zuletzt bearbeitet 19.12.2025 16:46:12
An XSS vulnerability in port_util.php can be used by an unauthenticated remote attacker to trick an authenticated user to click on the link provided by the attacker in order to change parameters available via web based management (WBM). The vulnerabi...
CVE-2025-41750
- EPSS 0.13%
- Veröffentlicht 09.12.2025 08:07:58
- Zuletzt bearbeitet 19.12.2025 16:45:56
An XSS vulnerability in pxc_PortCfg.php can be used by an unauthenticated remote attacker to trick an authenticated user to click on the link provided by the attacker in order to change parameters available via web based management (WBM). The vulnera...
CVE-2025-41751
- EPSS 0.13%
- Veröffentlicht 09.12.2025 08:07:36
- Zuletzt bearbeitet 19.12.2025 16:45:53
An XSS vulnerability in pxc_portCntr.php can be used by an unauthenticated remote attacker to trick an authenticated user to click on the link provided by the attacker in order to change parameters available via web based management (WBM). The vulner...
CVE-2025-41752
- EPSS 0.13%
- Veröffentlicht 09.12.2025 08:07:03
- Zuletzt bearbeitet 19.12.2025 16:45:51
An XSS vulnerability in pxc_portSfp.php can be used by an unauthenticated remote attacker to trick an authenticated user to click on the link provided by the attacker in order to change parameters available via web based management (WBM). The vulnera...
- EPSS 0.29%
- Veröffentlicht 02.02.2022 13:15:08
- Zuletzt bearbeitet 21.11.2024 06:46:55
In Phoenix Contact FL SWITCH Series 2xxx in version 3.00 an incorrect privilege assignment allows an low privileged user to enable full access to the device configuration.