CVE-2017-16743

Summary

An Improper Authorization issue was discovered in PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, and 48xxx Series products running firmware Version 1.0 to 1.32. A remote unauthenticated attacker may be able to craft special HTTP requests allowing an attacker to bypass web-service authentication allowing the attacker to obtain administrative privileges on the device.

Affected Software

VendorProductVersion RangeStatus
n/aPHOENIX CONTACT FL SWITCHPHOENIX CONTACT FL SWITCHaffected

Weaknesses

  • CWE-285: CWE-285

ADP Enrichment

CVE Program Container

Additional References

References