Vulnerabilities > Phoenixcontact > TC Cloud Client 1002 4G ATT Firmware
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-08 | CVE-2023-3526 | Cross-site Scripting vulnerability in Phoenixcontact products In PHOENIX CONTACTs TC ROUTER and TC CLOUD CLIENT in versions prior to 2.07.2 as well as CLOUD CLIENT 1101T-TX/TX prior to 2.06.10 an unauthenticated remote attacker could use a reflective XSS within the license viewer page of the devices in order to execute code in the context of the user's browser. | 9.6 |
| 2023-08-08 | CVE-2023-3569 | XML Entity Expansion vulnerability in Phoenixcontact products In PHOENIX CONTACTs TC ROUTER and TC CLOUD CLIENT in versions prior to 2.07.2 as well as CLOUD CLIENT 1101T-TX/TX prior to 2.06.10 an authenticated remote attacker with admin privileges could upload a crafted XML file which causes a denial-of-service. | 4.9 |