CVE-2026-22317

CWE-77 — Command Injection3 documents3 sources

Severity

7.2HIGH

EPSS

0.1%

top 76.59%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Phoenix Contact FL NAT 2008 Phoenix Contact FL NAT 2208 Phoenix Contact FL NAT 2304-2gc-2sfp +74 more

Timeline

PublishedMar 18

Description

A command injection vulnerability in the device’s Root CA certificate transfer workflow allows a high-privileged attacker to send crafted HTTP POST requests that result in arbitrary command execution on the underlying Linux OS with root privileges.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:HExploitability: 1.2 | Impact: 5.9

Affected Packages77 packages

▶CVEListV5phoenix_contact/fl_nat_20080.0.0 — 3.53

▶CVEListV5phoenix_contact/fl_nat_22080.0.0 — 3.53

▶CVEListV5phoenix_contact/fl_switch_20050.0.0 — 3.53

▶CVEListV5phoenix_contact/fl_switch_20080.0.0 — 3.53

▶CVEListV5phoenix_contact/fl_switch_20160.0.0 — 3.53

🔴Vulnerability Details

GHSA

GHSA-mfmx-5m88-3hp5: A command injection vulnerability in the device’s Root CA certificate transfer workflow allows a high-privileged attacker to send crafted HTTP POST re↗2026-03-18

▶

CVEList

Command Injection Vulnerability in Root CA Certificate Transfer Workflow↗2026-03-18

▶