CVE-2025-41707
published 2025-10-14CVE-2025-41707: The websocket handler is vulnerable to a denial of service condition. An unauthenticated remote attacker can send a crafted websocket message to trigger the…
medium5.3CVSS 3.1
AVNACLPRNUINSUCNINAL
The websocket handler is vulnerable to a denial of service condition. An unauthenticated remote attacker can send a crafted websocket message to trigger the issue without affecting the core functionality.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| phoenix_contact | quint4-ups_24dc_24dc_10_eip | >= VC:00 < VC:07 | VC:07 |
| phoenix_contact | quint4-ups_24dc_24dc_20_eip | >= VC:00 < VC:07 | VC:07 |
| phoenix_contact | quint4-ups_24dc_24dc_40_eip | >= VC:00 < VC:07 | VC:07 |
| phoenix_contact | quint4-ups_24dc_24dc_5_eip | >= VC:00 < VC:07 | VC:07 |