Security Advisory

CVE-2023-1109

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-04-17 07:32:24

Last updated 2025-02-05 21:19:53

Assigner CERTVDE

State PUBLISHED

Description

In Phoenix Contacts ENERGY AXC PU Web service an authenticated restricted user of the web frontend can access, read, write and create files throughout the file system using specially crafted URLs via the upload and download functionality of the web service. This may lead to full control of the service.

← Browse all CVEs View on cve.org ↗