Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
2 vulnerabilities found for smartrtu_axc_ig_firmware by phoenixcontact
CVE-2023-1109 (GCVE-0-2023-1109)
Vulnerability from nvd – Published: 2023-04-17 07:32 – Updated: 2025-02-05 21:19
VLAI?
Title
PHOENIX CONTACT: Directory Traversal Vulnerability in ENERGY AXC PU Web service
Summary
In Phoenix Contacts ENERGY AXC PU Web service an authenticated restricted user of the web frontend can access, read, write and create files throughout the file system using specially crafted URLs via the upload and download functionality of the web service. This may lead to full control of the service.
Severity ?
8.8 (High)
CWE
- CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| PHOENIX CONTACT | ENERGY AXC PU (1264327) |
Affected:
V01.00.00.00 , ≤ V04.15.00.00
(custom)
|
|||||||||||||||||
|
|||||||||||||||||||
Date Public ?
2023-04-11 08:00
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T05:32:46.389Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert.vde.com/en/advisories/VDE-2023-003/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-1109",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-05T21:19:48.861651Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-05T21:19:53.289Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ENERGY AXC PU (1264327)",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThanOrEqual": "V04.15.00.00",
"status": "affected",
"version": "V01.00.00.00",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SMARTRTU AXC SG (1110435)",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThanOrEqual": "V01.08.00.02",
"status": "affected",
"version": "V01.00.00.00",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SMARTRTU AXC IG (1264328)",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThanOrEqual": "V01.02.00.01",
"status": "affected",
"version": "V01.00.00.00",
"versionType": "custom"
}
]
},
{
"defaultStatus": "affected",
"product": "Infobox (1169323 )",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThanOrEqual": "V02.02.00.00",
"status": "affected",
"version": "V01.00.00.00",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Laokoon SecurITy GmbH on behalf of E.ON Digital Technology GmbH"
}
],
"datePublic": "2023-04-11T08:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "In Phoenix Contacts ENERGY AXC PU Web service an authenticated restricted user of the web frontend can access, read, write and create files throughout the file system using specially crafted URLs via the upload and download functionality of the web service. This may lead to full control of the service."
}
],
"value": "In Phoenix Contacts ENERGY AXC PU Web service an authenticated restricted user of the web frontend can access, read, write and create files throughout the file system using specially crafted URLs via the upload and download functionality of the web service. This may lead to full control of the service."
}
],
"impacts": [
{
"capecId": "CAPEC-126",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-126 Path Traversal"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-17T07:32:24.262Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://cert.vde.com/en/advisories/VDE-2023-003/"
}
],
"source": {
"advisory": "VDE-2023-003",
"defect": [
"CERT@VDE#64407"
],
"discovery": "EXTERNAL"
},
"title": "PHOENIX CONTACT: Directory Traversal Vulnerability in ENERGY AXC PU Web service",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2023-1109",
"datePublished": "2023-04-17T07:32:24.262Z",
"dateReserved": "2023-03-01T05:58:56.947Z",
"dateUpdated": "2025-02-05T21:19:53.289Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-1109 (GCVE-0-2023-1109)
Vulnerability from cvelistv5 – Published: 2023-04-17 07:32 – Updated: 2025-02-05 21:19
VLAI?
Title
PHOENIX CONTACT: Directory Traversal Vulnerability in ENERGY AXC PU Web service
Summary
In Phoenix Contacts ENERGY AXC PU Web service an authenticated restricted user of the web frontend can access, read, write and create files throughout the file system using specially crafted URLs via the upload and download functionality of the web service. This may lead to full control of the service.
Severity ?
8.8 (High)
CWE
- CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| PHOENIX CONTACT | ENERGY AXC PU (1264327) |
Affected:
V01.00.00.00 , ≤ V04.15.00.00
(custom)
|
|||||||||||||||||
|
|||||||||||||||||||
Date Public ?
2023-04-11 08:00
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T05:32:46.389Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert.vde.com/en/advisories/VDE-2023-003/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-1109",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-05T21:19:48.861651Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-05T21:19:53.289Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ENERGY AXC PU (1264327)",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThanOrEqual": "V04.15.00.00",
"status": "affected",
"version": "V01.00.00.00",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SMARTRTU AXC SG (1110435)",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThanOrEqual": "V01.08.00.02",
"status": "affected",
"version": "V01.00.00.00",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SMARTRTU AXC IG (1264328)",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThanOrEqual": "V01.02.00.01",
"status": "affected",
"version": "V01.00.00.00",
"versionType": "custom"
}
]
},
{
"defaultStatus": "affected",
"product": "Infobox (1169323 )",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThanOrEqual": "V02.02.00.00",
"status": "affected",
"version": "V01.00.00.00",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Laokoon SecurITy GmbH on behalf of E.ON Digital Technology GmbH"
}
],
"datePublic": "2023-04-11T08:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "In Phoenix Contacts ENERGY AXC PU Web service an authenticated restricted user of the web frontend can access, read, write and create files throughout the file system using specially crafted URLs via the upload and download functionality of the web service. This may lead to full control of the service."
}
],
"value": "In Phoenix Contacts ENERGY AXC PU Web service an authenticated restricted user of the web frontend can access, read, write and create files throughout the file system using specially crafted URLs via the upload and download functionality of the web service. This may lead to full control of the service."
}
],
"impacts": [
{
"capecId": "CAPEC-126",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-126 Path Traversal"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-17T07:32:24.262Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://cert.vde.com/en/advisories/VDE-2023-003/"
}
],
"source": {
"advisory": "VDE-2023-003",
"defect": [
"CERT@VDE#64407"
],
"discovery": "EXTERNAL"
},
"title": "PHOENIX CONTACT: Directory Traversal Vulnerability in ENERGY AXC PU Web service",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2023-1109",
"datePublished": "2023-04-17T07:32:24.262Z",
"dateReserved": "2023-03-01T05:58:56.947Z",
"dateUpdated": "2025-02-05T21:19:53.289Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}