CVE-2025-34396

0
1
0
9h ago

CVE-2025-34406

Overview

MailEnable
MailEnable

09 Dec 2025

Published

09 Dec 2025

Updated

CVSS v4.0

MEDIUM (5.3)

EPSS

Pending

MITRE

KEV

Description

MailEnable versions prior to 10.54 contain a reflected cross-site scripting (XSS) vulnerability in the Id parameter of /Mobile/ContactDetails.aspx. The Id value is not properly sanitized when processed via a GET request and is reflected within a <script> block in the response. By supplying a crafted payload that terminates an existing JavaScript function, inserts attacker-controlled script, and comments out remaining code, a remote attacker can execute arbitrary JavaScript in a victim’s browser when the victim opens a malicious link. Successful exploitation can redirect victims to malicious sites, steal cookies not protected by HttpOnly, inject arbitrary HTML or CSS, and perform actions as the authenticated user.

Statistics

1 Post
1 Interaction

Last activity: 9 hours ago

Fediverse

cR0w h0 h0 @cR0w

MailEnable

0
1
0
9h ago

CVE-2025-34407

Overview

MailEnable
MailEnable

09 Dec 2025

Published

09 Dec 2025

Updated

CVSS v4.0

MEDIUM (5.3)

EPSS

Pending

MITRE

KEV

Description

MailEnable versions prior to 10.54 contain a reflected cross-site scripting (XSS) vulnerability in the theme parameter of /Mondo/lang/sys/Forms/Statistics.aspx. The theme value is insufficiently sanitized when processed via a GET request and is reflected in the response, allowing an attacker to break out of an existing iframe context and inject arbitrary script. A remote attacker can supply a crafted payload that closes the iframe tag, inserts attacker-controlled JavaScript, and comments out remaining code, leading to script execution in a victim’s browser when the victim visits a malicious link. Successful exploitation can redirect victims to malicious sites, steal non-HttpOnly cookies, inject arbitrary HTML or CSS, and perform actions as the authenticated user.

Statistics

1 Post
1 Interaction

Last activity: 9 hours ago

Fediverse

cR0w h0 h0 @cR0w

MailEnable

0
1
0
9h ago

CVE-2025-34399

Overview

MailEnable
MailEnable

09 Dec 2025

Published

09 Dec 2025

Updated

CVSS v4.0

MEDIUM (5.3)

EPSS

Pending

MITRE

KEV

Description

MailEnable versions prior to 10.54 contain a reflected cross-site scripting (XSS) vulnerability in the AddressesCc parameter of /Mondo/lang/sys/Forms/AddressBook.aspx. The AddressesCc value is not properly sanitized when processed via a GET request and is reflected within a <script> block in the JavaScript variable var sAddrCc. By supplying a crafted payload that terminates the existing LoadCurAddresses() function, inserts attacker-controlled script, and comments out remaining code, a remote attacker can execute arbitrary JavaScript in a victim’s browser when the victim attempts to send an email. Successful exploitation can redirect victims to malicious sites, steal non-HttpOnly cookies, inject arbitrary HTML or CSS, and perform actions as the authenticated user.

Statistics

1 Post
1 Interaction

Last activity: 9 hours ago

Fediverse

cR0w h0 h0 @cR0w

MailEnable

0
1
0
9h ago

CVE-2025-34401

Overview

MailEnable
MailEnable

09 Dec 2025

Published

09 Dec 2025

Updated

CVSS v4.0

MEDIUM (5.3)

EPSS

Pending

MITRE

KEV

Description

MailEnable versions prior to 10.54 contain a reflected cross-site scripting (XSS) vulnerability in the FieldBcc parameter of /Mondo/lang/sys/Forms/AddressBook.aspx. The FieldBcc value is not properly sanitized when processed via a GET request and is reflected inside a <script> block in the JavaScript variable var BCCFieldProvided. By supplying a crafted payload that terminates the existing LoadCurAddresses() function, inserts attacker-controlled script, and comments out remaining code, a remote attacker can execute arbitrary JavaScript in a victim’s browser during normal email composition. Successful exploitation can redirect victims to malicious sites, steal non-HttpOnly cookies, inject arbitrary HTML or CSS, and perform actions as the authenticated user.

Statistics

1 Post
1 Interaction

Last activity: 9 hours ago

Fediverse

cR0w h0 h0 @cR0w

MailEnable

0
1
0
9h ago

CVE-2025-34404

Overview

MailEnable
MailEnable

09 Dec 2025

Published

09 Dec 2025

Updated

CVSS v4.0

MEDIUM (5.3)

EPSS

Pending

MITRE

KEV

Description

MailEnable versions prior to 10.54 contain a reflected cross-site scripting (XSS) vulnerability in the InstanceScope parameter of /Mondo/lang/sys/Forms/CAL/compose.aspx. The InstanceScope value is not properly sanitized when processed via a GET request and is reflected inside a <script> block in the JavaScript variable var gInstanceScope. By supplying a crafted payload that terminates the existing PageLoad() function, inserts attacker-controlled script, and comments out remaining code, a remote attacker can execute arbitrary JavaScript in a victim’s browser. Successful exploitation can redirect victims to malicious sites, steal non-HttpOnly cookies, inject arbitrary HTML or CSS, and perform actions as the authenticated user.

Statistics

1 Post
1 Interaction

Last activity: 9 hours ago

Fediverse

cR0w h0 h0 @cR0w

MailEnable

0
1
0
9h ago

CVE-2025-41746

Overview

Phoenix Contact
FL SWITCH 2005

09 Dec 2025

Published

09 Dec 2025

Updated

CVSS v3.1

HIGH (7.1)

EPSS

0.08%

MITRE

KEV

Description

An XSS vulnerability in pxc_portSecCfg.php can be used by an unauthenticated remote attacker to trick an authenticated user to send a manipulated POST request to the device in order to change parameters available via web based management (WBM). The vulnerability does not provide access to system-level resources such as operating system internals or privileged functions. Access is limited to device configuration parameters that are available in the context of the web application. The session cookie is secured by the httpOnly Flag. Therefore an attacker is not able to take over the session of an authenticated user.

Statistics

1 Post

Last activity: 19 hours ago

Fediverse

CERT@VDE @certvde

#OT #Advisory VDE-2025-071
Phoenix Contact: Multiple Vulnerabilities in FL SWITCH 2xxx Firmware

Multiple vulnerabilities have been identified in the FL SWITCH 2xxx firmware prior to version 3.50. Two of these (CVE-2025-41692 and CVE-2025-41696) enable an attacker to access the device's file system. Two other vulnerabilities (CVE-2025-41693 and CVE-2025-41694) are related to Denial of Service (DoS) attacks, which partly limit the device's functionality. Another vulnerability (CVE-2025-41697) allows an unauthenticated physical attacker to access a login shell via an undocumented UART port. Furthermore, there are multiple vulnerabilities relating to reflected cross-site scripting in the web-based management of the device. All vulnerabilities have been resolved in firmware version 3.50.
#CVE CVE-2025-41752, CVE-2025-41751, CVE-2025-41750, CVE-2025-41749, CVE-2025-41748, CVE-2025-41747, CVE-2025-41746, CVE-2025-41745, CVE-2025-41695, CVE-2025-41697, CVE-2025-41692, CVE-2025-41694, CVE-2025-41696, CVE-2025-41693

#CSAF https://phoenixcontact.csaf-tp.certvde.com/.well-known/csaf/white/2025/vde-2025-071.json

0
0
0
19h ago

CVE-2025-41748

Overview

Phoenix Contact
FL SWITCH 2005

09 Dec 2025

Published

09 Dec 2025

Updated

CVSS v3.1

HIGH (7.1)

EPSS

0.08%

MITRE

KEV

Description

An XSS vulnerability in pxc_Dot1xCfg.php can be used by an unauthenticated remote attacker to trick an authenticated user to click on the link provided by the attacker in order to change parameters available via web based management (WBM). The vulnerability does not provide access to system-level resources such as operating system internals or privileged functions. Access is limited to device configuration parameters that are available in the context of the web application. The session cookie is secured by the httpOnly Flag. Therefore an attacker is not able to take over the session of an authenticated user.

Statistics

1 Post

Last activity: 19 hours ago

Fediverse

CERT@VDE @certvde

#OT #Advisory VDE-2025-071
Phoenix Contact: Multiple Vulnerabilities in FL SWITCH 2xxx Firmware

Multiple vulnerabilities have been identified in the FL SWITCH 2xxx firmware prior to version 3.50. Two of these (CVE-2025-41692 and CVE-2025-41696) enable an attacker to access the device's file system. Two other vulnerabilities (CVE-2025-41693 and CVE-2025-41694) are related to Denial of Service (DoS) attacks, which partly limit the device's functionality. Another vulnerability (CVE-2025-41697) allows an unauthenticated physical attacker to access a login shell via an undocumented UART port. Furthermore, there are multiple vulnerabilities relating to reflected cross-site scripting in the web-based management of the device. All vulnerabilities have been resolved in firmware version 3.50.
#CVE CVE-2025-41752, CVE-2025-41751, CVE-2025-41750, CVE-2025-41749, CVE-2025-41748, CVE-2025-41747, CVE-2025-41746, CVE-2025-41745, CVE-2025-41695, CVE-2025-41697, CVE-2025-41692, CVE-2025-41694, CVE-2025-41696, CVE-2025-41693

#CSAF https://phoenixcontact.csaf-tp.certvde.com/.well-known/csaf/white/2025/vde-2025-071.json

0
0
0
19h ago

CVE-2025-41747

Overview

Phoenix Contact
FL SWITCH 2005

09 Dec 2025

Published

09 Dec 2025

Updated

CVSS v3.1

HIGH (7.1)

EPSS

0.08%

MITRE

KEV

Description

An XSS vulnerability in pxc_vlanIntfCfg.php can be used by an unauthenticated remote attacker to trick an authenticated user to send a manipulated POST request to the device in order to change parameters available via web based management (WBM). The vulnerability does not provide access to system-level resources such as operating system internals or privileged functions. Access is limited to device configuration parameters that are available in the context of the web application. The session cookie is secured by the httpOnly Flag. Therefore an attacker is not able to take over the session of an authenticated user.

Statistics

1 Post

Last activity: 19 hours ago

Fediverse

CERT@VDE @certvde

#OT #Advisory VDE-2025-071
Phoenix Contact: Multiple Vulnerabilities in FL SWITCH 2xxx Firmware

Multiple vulnerabilities have been identified in the FL SWITCH 2xxx firmware prior to version 3.50. Two of these (CVE-2025-41692 and CVE-2025-41696) enable an attacker to access the device's file system. Two other vulnerabilities (CVE-2025-41693 and CVE-2025-41694) are related to Denial of Service (DoS) attacks, which partly limit the device's functionality. Another vulnerability (CVE-2025-41697) allows an unauthenticated physical attacker to access a login shell via an undocumented UART port. Furthermore, there are multiple vulnerabilities relating to reflected cross-site scripting in the web-based management of the device. All vulnerabilities have been resolved in firmware version 3.50.
#CVE CVE-2025-41752, CVE-2025-41751, CVE-2025-41750, CVE-2025-41749, CVE-2025-41748, CVE-2025-41747, CVE-2025-41746, CVE-2025-41745, CVE-2025-41695, CVE-2025-41697, CVE-2025-41692, CVE-2025-41694, CVE-2025-41696, CVE-2025-41693

#CSAF https://phoenixcontact.csaf-tp.certvde.com/.well-known/csaf/white/2025/vde-2025-071.json

0
0
0
19h ago

CVE-2025-41752

Overview

Phoenix Contact
FL SWITCH 2005

09 Dec 2025

Published

09 Dec 2025

Updated

CVSS v3.1

HIGH (7.1)

EPSS

0.08%

MITRE

KEV

Description

An XSS vulnerability in pxc_portSfp.php can be used by an unauthenticated remote attacker to trick an authenticated user to click on the link provided by the attacker in order to change parameters available via web based management (WBM). The vulnerability does not provide access to system-level resources such as operating system internals or privileged functions. Access is limited to device configuration parameters that are available in the context of the web application. The session cookie is secured by the httpOnly Flag. Therefore an attacker is not able to take over the session of an authenticated user.

Statistics

1 Post

Last activity: 19 hours ago

Fediverse

CERT@VDE @certvde

#OT #Advisory VDE-2025-071
Phoenix Contact: Multiple Vulnerabilities in FL SWITCH 2xxx Firmware

Multiple vulnerabilities have been identified in the FL SWITCH 2xxx firmware prior to version 3.50. Two of these (CVE-2025-41692 and CVE-2025-41696) enable an attacker to access the device's file system. Two other vulnerabilities (CVE-2025-41693 and CVE-2025-41694) are related to Denial of Service (DoS) attacks, which partly limit the device's functionality. Another vulnerability (CVE-2025-41697) allows an unauthenticated physical attacker to access a login shell via an undocumented UART port. Furthermore, there are multiple vulnerabilities relating to reflected cross-site scripting in the web-based management of the device. All vulnerabilities have been resolved in firmware version 3.50.
#CVE CVE-2025-41752, CVE-2025-41751, CVE-2025-41750, CVE-2025-41749, CVE-2025-41748, CVE-2025-41747, CVE-2025-41746, CVE-2025-41745, CVE-2025-41695, CVE-2025-41697, CVE-2025-41692, CVE-2025-41694, CVE-2025-41696, CVE-2025-41693