Vulnerability CVE-2023-37856


Published: 2023-08-09

Description:
In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 a remote attacker with low privileges is able to gain limited read-access to the device-filesystem through a configuration dialog within the embedded Qt browser .

Type:

CWE-610

(Externally Controlled Reference to a Resource in Another Sphere)

 References:
https://cert.vde.com/en/advisories/VDE-2023-018/

Copyright 2024, cxsecurity.com

 

Back to Top