cbcvebase.
CVE-2025-41692
published 2025-12-09

CVE-2025-41692: A high privileged remote attacker with admin privileges for the webUI can brute-force the "root" and "user" passwords of the underlying OS due to a weak…

medium6.8CVSS 3.1
AVNACLPRHUINSCCHINAN
A high privileged remote attacker with admin privileges for the webUI can brute-force the "root" and "user" passwords of the underlying OS due to a weak password generation algorithm.

Affected

138 ranges· showing 25
VendorProductVersion rangeFixed in
phoenix_contactfl_nat_2008>= 0.0.0 < 3.503.50
phoenix_contactfl_nat_2208>= 0.0.0 < 3.503.50
phoenix_contactfl_nat_2304-2gc-2sfp>= 0.0.0 < 3.503.50
phoenix_contactfl_switch_2005>= 0.0.0 < 3.503.50
phoenix_contactfl_switch_2008>= 0.0.0 < 3.503.50
phoenix_contactfl_switch_2008f>= 0.0.0 < 3.503.50
phoenix_contactfl_switch_2016>= 0.0.0 < 3.503.50
phoenix_contactfl_switch_2105>= 0.0.0 < 3.503.50
phoenix_contactfl_switch_2108>= 0.0.0 < 3.503.50
phoenix_contactfl_switch_2116>= 0.0.0 < 3.503.50
phoenix_contactfl_switch_2204-2tc-2sfx>= 0.0.0 < 3.503.50
phoenix_contactfl_switch_2205>= 0.0.0 < 3.503.50
phoenix_contactfl_switch_2206-2fx>= 0.0.0 < 3.503.50
phoenix_contactfl_switch_2206-2fx_sm>= 0.0.0 < 3.503.50
phoenix_contactfl_switch_2206-2fx_sm_st>= 0.0.0 < 3.503.50
phoenix_contactfl_switch_2206-2fx_st>= 0.0.0 < 3.503.50
phoenix_contactfl_switch_2206-2sfx>= 0.0.0 < 3.503.50
phoenix_contactfl_switch_2206-2sfx_pn>= 0.0.0 < 3.503.50
phoenix_contactfl_switch_2206c-2fx>= 0.0.0 < 3.503.50
phoenix_contactfl_switch_2207-fx>= 0.0.0 < 3.503.50
phoenix_contactfl_switch_2207-fx_sm>= 0.0.0 < 3.503.50
phoenix_contactfl_switch_2208>= 0.0.0 < 3.503.50
phoenix_contactfl_switch_2208_pn>= 0.0.0 < 3.503.50
phoenix_contactfl_switch_2208c>= 0.0.0 < 3.503.50
phoenix_contactfl_switch_2212-2tc-2sfx>= 0.0.0 < 3.503.50