CVE-2022-31800: An unauthenticated, remote attacker could upload malicious logic to devices based on ProConOS/ProConOS eCLR in order to gain full control over the device.

critical9.8CVSS 3.1

AVNACLPRNUINSUCHIHAH

An unauthenticated, remote attacker could upload malicious logic to devices based on ProConOS/ProConOS eCLR in order to gain full control over the device.

Affected

17 ranges

Vendor	Product	Version range	Fixed in
phoenix_contact	axc_1050	—	—
phoenix_contact	axc_1050_xc	—	—
phoenix_contact	axc_3050	—	—
phoenix_contact	fc_350_pci_eth	—	—
phoenix_contact	ilc_1x0	—	—
phoenix_contact	ilc_1x1	—	—
phoenix_contact	ilc_1x1_gsm_gprs	—	—
phoenix_contact	ilc_3xx	—	—
phoenix_contact	pc_worx_rt_basic	—	—
phoenix_contact	pc_worx_srt	—	—
phoenix_contact	rfc_430_eth-ib	—	—
phoenix_contact	rfc_450_eth-ib	—	—
phoenix_contact	rfc_460r_pn_3tx	—	—
phoenix_contact	rfc_460r_pn_3tx-s	—	—
phoenix_contact	rfc_470_pn_3tx	—	—
phoenix_contact	rfc_470s_pn_3tx	—	—
phoenix_contact	rfc_480s_pn_4tx	—	—