CVE-2023-37861

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Aug 9, 2023

Updated: Aug 15, 2023

CWE ID 78

Summary

CVE-2023-37861 is a vulnerability affecting PHOENIX CONTACT's WP 6xxx series web panels. This issue allows authenticated attackers to execute arbitrary code with root permissions when uploading a certificate to the device via an HTTP POST request. Successful exploitation could result in significant system compromise. It is essential that users update to version 4.0.10 or higher as soon as possible to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/r8coDV
https://www.cve.org/CVERecord?id=CVE-2023-37861
https://nvd.nist.gov/vuln/detail/CVE-2023-37861

Back to Vulnerability Database

CVE-2023-37861

CVSS 3.1 Score 8.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations