cbcvebase.
CVE-2026-22321
published 2026-03-18

CVE-2026-22321: A stack-based buffer overflow in the device's Telnet/SSH CLI login routine occurs when a unauthenticated attacker send an oversized or unexpected username…

medium5.3CVSS 3.1
AVNACLPRNUINSUCNINAL
A stack-based buffer overflow in the device's Telnet/SSH CLI login routine occurs when a unauthenticated attacker send an oversized or unexpected username input. An overflow condition crashes the thread handling the login attempt, forcing the session to close. Because other CLI sessions remain unaffected, the impact is limited to a low‑severity availability disruption.

Affected

77 ranges· showing 25
VendorProductVersion rangeFixed in
phoenix_contactfl_nat_2008>= 0.0.0 < 3.533.53
phoenix_contactfl_nat_2208>= 0.0.0 < 3.533.53
phoenix_contactfl_nat_2304-2gc-2sfp>= 0.0.0 < 3.533.53
phoenix_contactfl_switch_2005>= 0.0.0 < 3.533.53
phoenix_contactfl_switch_2008>= 0.0.0 < 3.533.53
phoenix_contactfl_switch_2008f>= 0.0.0 < 3.533.53
phoenix_contactfl_switch_2016>= 0.0.0 < 3.533.53
phoenix_contactfl_switch_2105>= 0.0.0 < 3.533.53
phoenix_contactfl_switch_2108>= 0.0.0 < 3.533.53
phoenix_contactfl_switch_2116>= 0.0.0 < 3.533.53
phoenix_contactfl_switch_2204-2tc-2sfx>= 0.0.0 < 3.533.53
phoenix_contactfl_switch_2205>= 0.0.0 < 3.533.53
phoenix_contactfl_switch_2206-2fx>= 0.0.0 < 3.533.53
phoenix_contactfl_switch_2206-2fx_sm>= 0.0.0 < 3.533.53
phoenix_contactfl_switch_2206-2fx_sm_st>= 0.0.0 < 3.533.53
phoenix_contactfl_switch_2206-2fx_st>= 0.0.0 < 3.533.53
phoenix_contactfl_switch_2206-2sfx>= 0.0.0 < 3.533.53
phoenix_contactfl_switch_2206-2sfx_pn>= 0.0.0 < 3.533.53
phoenix_contactfl_switch_2206c-2fx>= 0.0.0 < 3.533.53
phoenix_contactfl_switch_2207-fx>= 0.0.0 < 3.533.53
phoenix_contactfl_switch_2207-fx_sm>= 0.0.0 < 3.533.53
phoenix_contactfl_switch_2208>= 0.0.0 < 3.533.53
phoenix_contactfl_switch_2208_pn>= 0.0.0 < 3.533.53
phoenix_contactfl_switch_2208c>= 0.0.0 < 3.533.53
phoenix_contactfl_switch_2212-2tc-2sfx>= 0.0.0 < 3.533.53