Unauthenticated Remote Access and Denial-of-Service Vulnerability in PHOENIX CONTACTs WP 6xxx Series Web Panels

Unauthenticated Remote Access and Denial-of-Service Vulnerability in PHOENIX CONTACTs WP 6xxx Series Web Panels

CVE-2023-37862 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:L

In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 an unauthenticated remote attacker can access upload-functions of the HTTP API. This might cause certificate errors for SSL-connections and might result in a partial denial-of-service.

Learn more about our Web App Pen Testing.