VDE-2025-073
Vulnerability from csaf_phoenixcontactgmbhcokg - Published: 2026-01-13 08:00 - Updated: 2026-01-13 08:00Summary
Phoenix Contact: Security Advisory for TC ROUTER and CLOUD CLIENT Industrial mobile network routers
Severity
High
Notes
Summary: A code injection vulnerability at the upload-config endpoint in the firmware of TC ROUTER and CLOUD CLIENT Industrial Mobile network routers has been discovered that can be exploited by an high privileged attacker.
Impact: The vulnerability can lead to a total loss of confidentiality, integrity and availability of the devices.
Mitigation: As this vulnerability can only be exploited by an authenticated high privileged user, Phoenix Contact recommends to strictly restrict administrative access to the device. The administrative use shall only import configuration files from trusted sources.
Remediation: Phoenix Contact recommends to upgrade to the latest firmware which will fix this vulnerability.
| Product | Fixed Version |
|----------------------------------|---------------|
| TC ROUTER 3002T-3G | 3.08.8 |
| TC ROUTER 2002T-3G | 3.08.8 |
| TC ROUTER 3002T-4G | 3.08.8 |
| TC ROUTER 3002T-4G GL | 3.08.8 |
| TC ROUTER 5004T-5G EU | 1.06.23 |
| TC ROUTER 3002T-4G VZW | 3.08.8 |
| TC ROUTER 3002T-4G ATT | 3.08.8 |
| TC ROUTER 2002T-4G | 3.08.8 |
| CLOUD CLIENT 1101T-TX/TX | 3.07.7 |
| TC CLOUD CLIENT 1002-4G ATT | 3.08.8 |
| TC CLOUD CLIENT 1002-TX/TX | 3.07.7 |
General Recommendation: For general information and recommendations on security measures to protect network-enabled devices, refer to the application note: [Application Note Security](https://dam-mdc.phoenixcontact.com/asset/156443151564/0a870ae433c19148b80bd760f3a1c1f2/107913_en_03.pdf).
Product Description: Industrial mobile network router.
An unauthenticated remote attacker can trick a high privileged user into uploading a malicious payload via the config-upload endpoint, leading to code injection as root. This results in a total loss of confidentiality, availability and integrity due to improper control of code generation ('Code Injection’).
8.8 (High)
Mitigation
As this vulnerability can only be exploited by an authenticated high privileged user, Phoenix Contact recommends to strictly restrict administrative access to the device. The administrative use shall only import configuration files from trusted sources.
Vendor Fix
Phoenix Contact recommends to upgrade to the latest firmware which will fix this vulnerability.
| Product | Fixed Version |
|----------------------------------|---------------|
| TC ROUTER 3002T-3G | 3.08.8 |
| TC ROUTER 2002T-3G | 3.08.8 |
| TC ROUTER 3002T-4G | 3.08.8 |
| TC ROUTER 3002T-4G GL | 3.08.8 |
| TC ROUTER 5004T-5G EU | 1.06.23 |
| TC ROUTER 3002T-4G VZW | 3.08.8 |
| TC ROUTER 3002T-4G ATT | 3.08.8 |
| TC ROUTER 2002T-4G | 3.08.8 |
| CLOUD CLIENT 1101T-TX/TX | 3.07.7 |
| TC CLOUD CLIENT 1002-4G ATT | 3.08.8 |
| TC CLOUD CLIENT 1002-TX/TX | 3.07.7 |
References
Acknowledgments
CERTVDE
certvde.com/en/
CyberDanube
D. Blagojevic
S. Dietz
F. Koroknai
T. Weber
{
"document": {
"acknowledgments": [
{
"organization": "CERTVDE",
"summary": "Coordination",
"urls": [
"https://certvde.com/en/"
]
},
{
"names": [
"D. Blagojevic",
"S. Dietz",
"F. Koroknai",
"T. Weber"
],
"organization": "CyberDanube",
"summary": "Reporting."
}
],
"aggregate_severity": {
"namespace": "https://www.first.org/cvss/v3.1/specification-document#Qualitative-Severity-Rating-Scale",
"text": "High"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-GB",
"notes": [
{
"category": "summary",
"text": "A code injection vulnerability at the upload-config endpoint in the firmware of TC ROUTER and CLOUD CLIENT Industrial Mobile network routers has been discovered that can be exploited by an high privileged attacker.",
"title": "Summary"
},
{
"category": "description",
"text": "The vulnerability can lead to a total loss of confidentiality, integrity and availability of the devices.",
"title": "Impact"
},
{
"category": "description",
"text": "As this vulnerability can only be exploited by an authenticated high privileged user, Phoenix Contact recommends to strictly restrict administrative access to the device. The administrative use shall only import configuration files from trusted sources.",
"title": "Mitigation"
},
{
"category": "description",
"text": "Phoenix Contact recommends to upgrade to the latest firmware which will fix this vulnerability.\n\n| Product | Fixed Version |\n|----------------------------------|---------------|\n| TC ROUTER 3002T-3G | 3.08.8 |\n| TC ROUTER 2002T-3G | 3.08.8 |\n| TC ROUTER 3002T-4G | 3.08.8 |\n| TC ROUTER 3002T-4G GL | 3.08.8 |\n| TC ROUTER 5004T-5G EU | 1.06.23 |\n| TC ROUTER 3002T-4G VZW | 3.08.8 |\n| TC ROUTER 3002T-4G ATT | 3.08.8 |\n| TC ROUTER 2002T-4G | 3.08.8 |\n| CLOUD CLIENT 1101T-TX/TX | 3.07.7 |\n| TC CLOUD CLIENT 1002-4G ATT | 3.08.8 |\n| TC CLOUD CLIENT 1002-TX/TX | 3.07.7 |\n",
"title": "Remediation"
},
{
"category": "general",
"text": "For general information and recommendations on security measures to protect network-enabled devices, refer to the application note: [Application Note Security](https://dam-mdc.phoenixcontact.com/asset/156443151564/0a870ae433c19148b80bd760f3a1c1f2/107913_en_03.pdf).",
"title": "General Recommendation"
},
{
"category": "description",
"text": "Industrial mobile network router.",
"title": "Product Description"
}
],
"publisher": {
"category": "vendor",
"contact_details": "psirt@phoenixcontact.com",
"name": "Phoenix Contact GmbH \u0026 Co. KG",
"namespace": "https://phoenixcontact.com/psirt"
},
"references": [
{
"category": "external",
"summary": "PCSA-2025-00014",
"url": "https://phoenixcontact.com/psirt"
},
{
"category": "external",
"summary": "Phoenix Contact advisory overview at CERT@VDE",
"url": "https://certvde.com/de/advisories/vendor/phoenixcontact/"
},
{
"category": "self",
"summary": "VDE-2025-073: Phoenix Contact: Security Advisory for TC ROUTER and CLOUD CLIENT Industrial mobile network routers - HTML",
"url": "https://certvde.com/en/advisories/VDE-2025-073"
},
{
"category": "self",
"summary": "VDE-2025-073: Phoenix Contact: Security Advisory for TC ROUTER and CLOUD CLIENT Industrial mobile network routers - CSAF",
"url": "https://phoenixcontact.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2025-073.json"
},
{
"category": "external",
"summary": "Phoenix Contact application note",
"url": "https://dam-mdc.phoenixcontact.com/asset/156443151564/0a870ae433c19148b80bd760f3a1c1f2/107913_en_03.pdf"
}
],
"title": "Phoenix Contact: Security Advisory for TC ROUTER and CLOUD CLIENT Industrial mobile network routers",
"tracking": {
"aliases": [
"VDE-2025-073",
"PCSA-2025-00014"
],
"current_release_date": "2026-01-13T08:00:00.000Z",
"generator": {
"date": "2026-01-08T10:01:51.270Z",
"engine": {
"name": "Secvisogram",
"version": "2.5.41"
}
},
"id": "VDE-2025-073",
"initial_release_date": "2026-01-13T08:00:00.000Z",
"revision_history": [
{
"date": "2026-01-13T08:00:00.000Z",
"number": "1.0.0",
"summary": "Initial Revision"
}
],
"status": "final",
"version": "1.0.0"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "TC ROUTER 3002T-3G",
"product": {
"name": "TC ROUTER 3002T-3G",
"product_id": "CSAFPID-11001",
"product_identification_helper": {
"model_numbers": [
"2702529"
]
}
}
},
{
"category": "product_name",
"name": "TC ROUTER 2002T-3G",
"product": {
"name": "TC ROUTER 2002T-3G",
"product_id": "CSAFPID-11002",
"product_identification_helper": {
"model_numbers": [
"2702531"
]
}
}
},
{
"category": "product_name",
"name": "TC ROUTER 3002T-4G",
"product": {
"name": "TC ROUTER 3002T-4G",
"product_id": "CSAFPID-11003",
"product_identification_helper": {
"model_numbers": [
"2702528"
]
}
}
},
{
"category": "product_name",
"name": "TC ROUTER 3002T-4G GL",
"product": {
"name": "TC ROUTER 3002T-4G GL",
"product_id": "CSAFPID-11004",
"product_identification_helper": {
"model_numbers": [
"1632697"
]
}
}
},
{
"category": "product_name",
"name": "TC ROUTER 5004T-5G EU",
"product": {
"name": "TC ROUTER 5004T-5G EU",
"product_id": "CSAFPID-11005",
"product_identification_helper": {
"model_numbers": [
"1439475"
]
}
}
},
{
"category": "product_name",
"name": "TC ROUTER 3002T-4G VZW",
"product": {
"name": "TC ROUTER 3002T-4G VZW",
"product_id": "CSAFPID-11006",
"product_identification_helper": {
"model_numbers": [
"2702532"
]
}
}
},
{
"category": "product_name",
"name": "TC ROUTER 3002T-4G ATT",
"product": {
"name": "TC ROUTER 3002T-4G ATT",
"product_id": "CSAFPID-11007",
"product_identification_helper": {
"model_numbers": [
"2702533"
]
}
}
},
{
"category": "product_name",
"name": "TC ROUTER 2002T-4G",
"product": {
"name": "TC ROUTER 2002T-4G",
"product_id": "CSAFPID-11008",
"product_identification_helper": {
"model_numbers": [
"2702530"
]
}
}
},
{
"category": "product_name",
"name": "CLOUD CLIENT 1101T-TX/TX",
"product": {
"name": "CLOUD CLIENT 1101T-TX/TX",
"product_id": "CSAFPID-11009",
"product_identification_helper": {
"model_numbers": [
"1221706"
]
}
}
},
{
"category": "product_name",
"name": "TC CLOUD CLIENT 1002-4G ATT",
"product": {
"name": "TC CLOUD CLIENT 1002-4G ATT",
"product_id": "CSAFPID-11010",
"product_identification_helper": {
"model_numbers": [
"2702888"
]
}
}
},
{
"category": "product_name",
"name": "TC CLOUD CLIENT 1002-TX/TX",
"product": {
"name": "TC CLOUD CLIENT 1002-TX/TX",
"product_id": "CSAFPID-11011",
"product_identification_helper": {
"model_numbers": [
"2702885"
]
}
}
}
],
"category": "product_family",
"name": "Hardware"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:generic/\u003c3.08.8",
"product": {
"name": "Firmware \u003cFW 3.08.8",
"product_id": "CSAFPID-21001",
"product_identification_helper": {
"model_numbers": [
"2702529",
"2702531",
"2702528",
"1632697",
"2702532",
"2702533",
"2702530",
"2702888"
]
}
}
},
{
"category": "product_version",
"name": "3.08.8",
"product": {
"name": "Firmware 3.08.8",
"product_id": "CSAFPID-22001",
"product_identification_helper": {
"model_numbers": [
"2702529",
"2702531",
"2702528",
"1632697",
"2702532",
"2702533",
"2702530",
"2702888"
]
}
}
},
{
"category": "product_version_range",
"name": "vers:generic/\u003c3.07.7",
"product": {
"name": "Firmware \u003cFW 3.07.7",
"product_id": "CSAFPID-21002",
"product_identification_helper": {
"model_numbers": [
"1221706",
"2702885"
]
}
}
},
{
"category": "product_version",
"name": "3.07.7",
"product": {
"name": "Firmware 3.07.7",
"product_id": "CSAFPID-22002",
"product_identification_helper": {
"model_numbers": [
"1221706",
"2702885"
]
}
}
},
{
"category": "product_version_range",
"name": "vers:generic/\u003c1.06.23",
"product": {
"name": "Firmware \u003cFW 1.06.23",
"product_id": "CSAFPID-21003",
"product_identification_helper": {
"model_numbers": [
"1439475"
]
}
}
},
{
"category": "product_version",
"name": "1.06.23",
"product": {
"name": "Firmware 1.06.23",
"product_id": "CSAFPID-22003",
"product_identification_helper": {
"model_numbers": [
"1439475"
]
}
}
}
],
"category": "product_family",
"name": "Firmware"
}
],
"category": "vendor",
"name": "Phoenix Contact"
}
],
"product_groups": [
{
"group_id": "CSAFGID-0001",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009",
"CSAFPID-31010",
"CSAFPID-31011"
],
"summary": "Affected products."
},
{
"group_id": "CSAFGID-0002",
"product_ids": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009",
"CSAFPID-32010",
"CSAFPID-32011"
],
"summary": "Fixed products."
}
],
"relationships": [
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003cFW 3.08.8 installed on TC ROUTER 3002T-3G",
"product_id": "CSAFPID-31001",
"product_identification_helper": {
"model_numbers": [
"2702529"
]
}
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11001"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003cFW 3.08.8 installed on TC ROUTER 2002T-3G",
"product_id": "CSAFPID-31002",
"product_identification_helper": {
"model_numbers": [
"2702531"
]
}
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11002"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003cFW 3.08.8 installed on TC ROUTER 3002T-4G",
"product_id": "CSAFPID-31003",
"product_identification_helper": {
"model_numbers": [
"2702528"
]
}
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11003"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003cFW 3.08.8 installed on TC ROUTER 3002T-4G GL",
"product_id": "CSAFPID-31004",
"product_identification_helper": {
"model_numbers": [
"1632697"
]
}
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11004"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003cFW 1.06.23 installed on TC ROUTER 5004T-5G EU",
"product_id": "CSAFPID-31005",
"product_identification_helper": {
"model_numbers": [
"1439475"
]
}
},
"product_reference": "CSAFPID-21003",
"relates_to_product_reference": "CSAFPID-11005"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003cFW 3.08.8 installed on TC ROUTER 3002T-4G VZW",
"product_id": "CSAFPID-31006",
"product_identification_helper": {
"model_numbers": [
"2702532"
]
}
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11006"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003cFW 3.08.8 installed on TC ROUTER 3002T-4G ATT",
"product_id": "CSAFPID-31007",
"product_identification_helper": {
"model_numbers": [
"2702533"
]
}
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11007"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003cFW 3.08.8 installed on TC ROUTER 2002T-4G",
"product_id": "CSAFPID-31008",
"product_identification_helper": {
"model_numbers": [
"2702530"
]
}
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11008"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003cFW 3.07.7 installed on CLOUD CLIENT 1101T-TX/TX",
"product_id": "CSAFPID-31009",
"product_identification_helper": {
"model_numbers": [
"1221706"
]
}
},
"product_reference": "CSAFPID-21002",
"relates_to_product_reference": "CSAFPID-11009"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003cFW 3.08.8 installed on TC CLOUD CLIENT 1002-4G ATT",
"product_id": "CSAFPID-31010",
"product_identification_helper": {
"model_numbers": [
"2702888"
]
}
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11010"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003cFW 3.07.7 installed on TC CLOUD CLIENT 1002-TX/TX",
"product_id": "CSAFPID-31011",
"product_identification_helper": {
"model_numbers": [
"2702885"
]
}
},
"product_reference": "CSAFPID-21002",
"relates_to_product_reference": "CSAFPID-11011"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 3.08.8 installed on TC ROUTER 3002T-3G",
"product_id": "CSAFPID-32001",
"product_identification_helper": {
"model_numbers": [
"2702529"
]
}
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11001"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 3.08.8 installed on TC ROUTER 2002T-3G",
"product_id": "CSAFPID-32002",
"product_identification_helper": {
"model_numbers": [
"2702531"
]
}
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11002"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 3.08.8 installed on TC ROUTER 3002T-4G",
"product_id": "CSAFPID-32003",
"product_identification_helper": {
"model_numbers": [
"2702528"
]
}
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11003"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 3.08.8 installed on TC ROUTER 3002T-4G GL",
"product_id": "CSAFPID-32004",
"product_identification_helper": {
"model_numbers": [
"1632697"
]
}
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11004"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 1.06.23 installed on TC ROUTER 5004T-5G EU",
"product_id": "CSAFPID-32005",
"product_identification_helper": {
"model_numbers": [
"1439475"
]
}
},
"product_reference": "CSAFPID-22003",
"relates_to_product_reference": "CSAFPID-11005"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 3.08.8 installed on TC ROUTER 3002T-4G VZW",
"product_id": "CSAFPID-32006",
"product_identification_helper": {
"model_numbers": [
"2702532"
]
}
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11006"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 3.08.8 installed on TC ROUTER 3002T-4G ATT",
"product_id": "CSAFPID-32007",
"product_identification_helper": {
"model_numbers": [
"2702533"
]
}
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11007"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 3.08.8 installed on TC ROUTER 2002T-4G",
"product_id": "CSAFPID-32008",
"product_identification_helper": {
"model_numbers": [
"2702530"
]
}
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11008"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 3.07.7 installed on CLOUD CLIENT 1101T-TX/TX",
"product_id": "CSAFPID-32009",
"product_identification_helper": {
"model_numbers": [
"1221706"
]
}
},
"product_reference": "CSAFPID-22002",
"relates_to_product_reference": "CSAFPID-11009"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 3.08.8 installed on TC CLOUD CLIENT 1002-4G ATT",
"product_id": "CSAFPID-32010",
"product_identification_helper": {
"model_numbers": [
"2702888"
]
}
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11010"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 3.07.7 installed on TC CLOUD CLIENT 1002-TX/TX",
"product_id": "CSAFPID-32011",
"product_identification_helper": {
"model_numbers": [
"2702885"
]
}
},
"product_reference": "CSAFPID-22002",
"relates_to_product_reference": "CSAFPID-11011"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-41717",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"notes": [
{
"category": "description",
"text": "An unauthenticated remote attacker can trick a high privileged user into uploading a malicious payload via the config-upload endpoint, leading to code injection as root. This results in a total loss of confidentiality, availability and integrity due to improper control of code generation (\u0027Code Injection\u2019).",
"title": "CVE Description"
},
{
"category": "details",
"text": "The config-upload endpoint can be exploited to inject arbitrary commands that are executed when polling the sock_server. The malicious config changes the root password and activates the service.",
"title": "CVE Details"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009",
"CSAFPID-32010",
"CSAFPID-32011"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009",
"CSAFPID-31010",
"CSAFPID-31011"
]
},
"release_date": "2026-01-13T11:00:00.000Z",
"remediations": [
{
"category": "mitigation",
"details": "As this vulnerability can only be exploited by an authenticated high privileged user, Phoenix Contact recommends to strictly restrict administrative access to the device. The administrative use shall only import configuration files from trusted sources.",
"group_ids": [
"CSAFGID-0001"
],
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009",
"CSAFPID-31010",
"CSAFPID-31011"
]
},
{
"category": "vendor_fix",
"date": "2026-01-13T11:00:00.000Z",
"details": "Phoenix Contact recommends to upgrade to the latest firmware which will fix this vulnerability.\n\n| Product | Fixed Version |\n|----------------------------------|---------------|\n| TC ROUTER 3002T-3G | 3.08.8 |\n| TC ROUTER 2002T-3G | 3.08.8 |\n| TC ROUTER 3002T-4G | 3.08.8 |\n| TC ROUTER 3002T-4G GL | 3.08.8 |\n| TC ROUTER 5004T-5G EU | 1.06.23 |\n| TC ROUTER 3002T-4G VZW | 3.08.8 |\n| TC ROUTER 3002T-4G ATT | 3.08.8 |\n| TC ROUTER 2002T-4G | 3.08.8 |\n| CLOUD CLIENT 1101T-TX/TX | 3.07.7 |\n| TC CLOUD CLIENT 1002-4G ATT | 3.08.8 |\n| TC CLOUD CLIENT 1002-TX/TX | 3.07.7 |\n",
"group_ids": [
"CSAFGID-0001"
],
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009",
"CSAFPID-31010",
"CSAFPID-31011"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 8.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 8.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009",
"CSAFPID-31010",
"CSAFPID-31011"
]
}
],
"title": "Config-Upload Code Injection"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…