HIGHCVE-2026-22317Published Modified CNA CERTVDE
CVE-2026-22317: Command Injection Vulnerability in Root CA Certificate Transfer Workflow
A command injection vulnerability in the device’s Root CA certificate transfer workflow allows a high-privileged attacker to send crafted HTTP POST requests that result in arbitrary command execution on the underlying Linux OS with root privileges.
Metrics
- CVSS v3.1
- 7.2
- Severity
- HIGH
- Fixed in
- 3.53
- Affected Products
- 77
Fix available
3.53
Affected packages
- Phoenix Contact / FL SWITCH 2005< 3.53 (from 0.0.0)
- Phoenix Contact / FL SWITCH 2008< 3.53 (from 0.0.0)
- Phoenix Contact / FL SWITCH 2016< 3.53 (from 0.0.0)
- Phoenix Contact / FL SWITCH 2105< 3.53 (from 0.0.0)
- Phoenix Contact / FL SWITCH 2108< 3.53 (from 0.0.0)
- Phoenix Contact / FL SWITCH 2116< 3.53 (from 0.0.0)
- Phoenix Contact / FL SWITCH 2204-2TC-2SFX< 3.53 (from 0.0.0)
- Phoenix Contact / FL SWITCH 2205< 3.53 (from 0.0.0)
- Phoenix Contact / FL SWITCH 2206-2FX< 3.53 (from 0.0.0)
- Phoenix Contact / FL SWITCH 2206-2FX SM< 3.53 (from 0.0.0)
- Phoenix Contact / FL SWITCH 2206-2FX SM ST< 3.53 (from 0.0.0)
- Phoenix Contact / FL SWITCH 2206-2FX ST< 3.53 (from 0.0.0)
- Phoenix Contact / FL SWITCH 2206-2SFX< 3.53 (from 0.0.0)
- Phoenix Contact / FL SWITCH 2206-2SFX PN< 3.53 (from 0.0.0)
- Phoenix Contact / FL SWITCH 2206C-2FX< 3.53 (from 0.0.0)
- Phoenix Contact / FL SWITCH 2207-FX< 3.53 (from 0.0.0)
- Phoenix Contact / FL SWITCH 2207-FX SM< 3.53 (from 0.0.0)
- Phoenix Contact / FL SWITCH 2208< 3.53 (from 0.0.0)
- Phoenix Contact / FL SWITCH 2208 PN< 3.53 (from 0.0.0)
- Phoenix Contact / FL SWITCH 2208C< 3.53 (from 0.0.0)
- Phoenix Contact / FL SWITCH 2212-2TC-2SFX< 3.53 (from 0.0.0)
- Phoenix Contact / FL SWITCH 2214-2FX< 3.53 (from 0.0.0)
- Phoenix Contact / FL SWITCH 2214-2FX SM< 3.53 (from 0.0.0)
- Phoenix Contact / FL SWITCH 2214-2SFX< 3.53 (from 0.0.0)
- Phoenix Contact / FL SWITCH 2214-2SFX PN< 3.53 (from 0.0.0)
- Phoenix Contact / FL SWITCH 2216< 3.53 (from 0.0.0)
- Phoenix Contact / FL SWITCH 2216 PN< 3.53 (from 0.0.0)
- Phoenix Contact / FL SWITCH 2304-2GC-2SFP< 3.53 (from 0.0.0)
- Phoenix Contact / FL SWITCH 2306-2SFP< 3.53 (from 0.0.0)
- Phoenix Contact / FL SWITCH 2306-2SFP PN< 3.53 (from 0.0.0)
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:HReferences