Vulnerabilities > Phoenixcontact > Cloud Client 1101T TX Firmware

DATE CVE VULNERABILITY TITLE RISK
2023-08-08 CVE-2023-3526 Cross-site Scripting vulnerability in Phoenixcontact products
In PHOENIX CONTACTs TC ROUTER and TC CLOUD CLIENT in versions prior to 2.07.2 as well as CLOUD CLIENT 1101T-TX/TX prior to 2.06.10 an unauthenticated remote attacker could use a reflective XSS within the license viewer page of the devices in order to execute code in the context of the user's browser.
network
low complexity
phoenixcontact CWE-79
critical
9.6
2023-08-08 CVE-2023-3569 XML Entity Expansion vulnerability in Phoenixcontact products
In PHOENIX CONTACTs TC ROUTER and TC CLOUD CLIENT in versions prior to 2.07.2 as well as CLOUD CLIENT 1101T-TX/TX prior to 2.06.10 an authenticated remote attacker with admin privileges could upload a crafted XML file which causes a denial-of-service.
network
low complexity
phoenixcontact CWE-776
4.9