PHOENIX CONTACT 厂商漏洞列表 / CVE 中文分析 143

PHOENIX CONTACT 厂商相关 143 条 CVE 漏洞，含 AI 中文分析、POC、CVSS 评分与受影响产品。

PHOENIX CONTACT 是全球领先的电气连接与工业自动化解决方案提供商，其产品线涵盖工业通信、电源技术及控制工程。截至最新统计，该厂商已收录 142 条 CVE，主要漏洞类型涉及远程代码执行、缓冲区溢出及身份验证绕过，多源于嵌入式系统固件或网络接口配置缺陷。值得关注的是，其工业控制组件常成为供应链攻击目标，建议用户及时更新固件并严格隔离工业网络，以防范潜在的高级持续性威胁。

CVEs 143

CVE ID	タイトル	CVSS	深刻度	公開日
CVE-2024-43384	Phoenix Contact: Improper removal of sensitive information in MGUARD products — FL MGUARD 2102CWE-212	8.0	High	2026-05-07
CVE-2026-22323	Cross‑Site Request Forgery in Link Aggregation Configuration — FL SWITCH 2005CWE-352	7.1	High	2026-03-18
CVE-2026-22322	Stored Cross‑Site Scripting in Link Aggregation Name Handling — FL SWITCH 2005CWE-79	7.1	High	2026-03-18
CVE-2026-22321	Stack-Based Buffer Overflow in CLI Login Username Handling over CLI — FL SWITCH 2005CWE-121	5.3	Medium	2026-03-18
CVE-2026-22320	Stack-Based Buffer Overflow in TFTP File-Transfer Command Handling over CLI — FL SWITCH 2005CWE-121	6.5	Medium	2026-03-18
CVE-2026-22319	Stack-Based Buffer Overflow in File Install Parameter Handling — FL SWITCH 2005CWE-121	4.9	Medium	2026-03-18
CVE-2026-22318	Stack-Based Buffer Overflow in File Transfer Parameter Handling — FL SWITCH 2005CWE-121	4.9	Medium	2026-03-18
CVE-2026-22317	Command Injection Vulnerability in Root CA Certificate Transfer Workflow — FL SWITCH 2005CWE-77	7.2	High	2026-03-18
CVE-2026-22316	Buffer Overflow using TFTP Filename — FL SWITCH 2005CWE-121	6.5	Medium	2026-03-18
CVE-2025-41717	Config-Upload Code Injection — TC ROUTER 3002T-3GCWE-94	8.8	High	2026-01-13
CVE-2025-41693	Authenticated Denial-of-Service via SSH — FL SWITCH 2005CWE-770	4.3	Medium	2025-12-09
CVE-2025-41696	Hardcoded User Password — FL SWITCH 2005CWE-798	4.6	Medium	2025-12-09
CVE-2025-41694	Authenticated Denial-of-Service via Webshell — FL SWITCH 2005CWE-770	6.5	Medium	2025-12-09
CVE-2025-41692	Weak/Predictable root Password — FL SWITCH 2005CWE-916	6.8	Medium	2025-12-09
CVE-2025-41697	Shell access to UART Console — FL SWITCH 2005CWE-1299	6.8	Medium	2025-12-09
CVE-2025-41695	Reflected XSS vulnerability in dyn_conn.php — FL SWITCH 2005CWE-79	7.1	High	2025-12-09
CVE-2025-41745	Reflected XSS vulnerability in pxc_portCntr2.php — FL SWITCH 2005CWE-79	7.1	High	2025-12-09
CVE-2025-41746	Reflected XSS vulnerability in pxc_portSecCfg.php — FL SWITCH 2005CWE-79	7.1	High	2025-12-09
CVE-2025-41747	Reflected XSS vulnerability in pxc_vlanIntfCfg.php — FL SWITCH 2005CWE-79	7.1	High	2025-12-09
CVE-2025-41748	Reflected XSS vulnerability in pxc_Dot1xCfg.php — FL SWITCH 2005CWE-79	7.1	High	2025-12-09
CVE-2025-41749	Reflected XSS vulnerability in port_util.php — FL SWITCH 2005CWE-79	7.1	High	2025-12-09
CVE-2025-41750	Reflected XSS vulnerability in pxc_PortCfg.php — FL SWITCH 2005CWE-79	7.1	High	2025-12-09
CVE-2025-41751	Reflected XSS vulnerability in pxc_portCntr.php — FL SWITCH 2005CWE-79	7.1	High	2025-12-09
CVE-2025-41752	Reflected XSS vulnerability in pxc_portSfp.php — FL SWITCH 2005CWE-79	7.1	High	2025-12-09
CVE-2025-41699	Phoenix Contact: Security Advisory for CHARX SEC-3xxx charging controllers — CHARX SEC-3150CWE-94	8.8	High	2025-10-14
CVE-2025-41707	Phoenix Contact: WebSocket Handler Denial of Service — QUINT4-UPS/24DC/24DC/5/EIPCWE-120	5.3	Medium	2025-10-14
CVE-2025-41706	Phoenix Contact: Webserver Denial of Service through Malformed Content-Length — QUINT4-UPS/24DC/24DC/5/EIPCWE-120	5.3	Medium	2025-10-14
CVE-2025-41705	Phoenix Contact: WebSocket Message Interception Leaks Webfrontend Credentials — QUINT4-UPS/24DC/24DC/5/EIPCWE-523	6.8	Medium	2025-10-14
CVE-2025-41704	Phoenix Contact: Unauthenticated Modbus Service DoS via Crafted Function Code — QUINT4-UPS/24DC/24DC/5/EIPCWE-770	5.3	Medium	2025-10-14
CVE-2025-41703	Phoenix Contact: UPS Shutdown via Unauthenticated Modbus Command — QUINT4-UPS/24DC/24DC/5/EIPCWE-306	7.5	High	2025-10-14

本页汇总了 PHOENIX CONTACT 厂商截至目前公开的全部 143 条 CVE 漏洞。每条漏洞均包含 CVSS 评分、CWE 弱点分类、受影响产品与参考链接，并附带 AI 生成的中文分析以便快速判断风险。

目標達成 すべての支援者に感謝 — 100%達成しました！

PHOENIX CONTACT 厂商漏洞列表 / CVE 中文分析 143

目標達成すべての支援者に感謝 — 100%達成しました！