CVE-2023-37862

CVSS 3.1 Score 8.2 of 10 (high)

Details

Published Aug 9, 2023

Updated: Aug 15, 2023

CWE ID 862

Summary

CVE-2023-37862 is a vulnerability affecting the WP 6xxx series web panels from PHOENIX CONTACT, prior to version 4.0.10. This issue allows unauthenticated remote attackers to access upload-functions of the HTTP API. Consequences of this vulnerability include certificate errors for SSL-connections and the potential for a partial denial-of-service. Attackers can leverage this flaw to manipulate data or disrupt services without needing valid credentials.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/r8dKSq
https://www.cve.org/CVERecord?id=CVE-2023-37862
https://nvd.nist.gov/vuln/detail/CVE-2023-37862

Back to Vulnerability Database

CVE-2023-37862

CVSS 3.1 Score 8.2 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations