CVE-2026-22323

CWE-352 — Cross-Site Request Forgery (CSRF)3 documents3 sources

Severity

7.1HIGH

EPSS

0.0%

top 87.90%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Phoenix Contact FL NAT 2008 Phoenix Contact FL NAT 2208 Phoenix Contact FL NAT 2304-2gc-2sfp +74 more

Timeline

PublishedMar 18

Description

A CSRF vulnerability in the Link Aggregation configuration interface allows an unauthenticated remote attacker to trick authenticated users into sending unauthorized POST requests to the device by luring them to a malicious webpage. This can silently alter the device’s configuration without the victim’s knowledge or consent. Availability impact was set to low because after a successful attack the device will automatically recover without external intervention.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:LExploitability: 2.8 | Impact: 4.2

Affected Packages77 packages

▶CVEListV5phoenix_contact/fl_nat_20080.0.0 — 3.53

▶CVEListV5phoenix_contact/fl_nat_22080.0.0 — 3.53

▶CVEListV5phoenix_contact/fl_switch_20050.0.0 — 3.53

▶CVEListV5phoenix_contact/fl_switch_20080.0.0 — 3.53

▶CVEListV5phoenix_contact/fl_switch_20160.0.0 — 3.53

🔴Vulnerability Details

CVEList

Cross‑Site Request Forgery in Link Aggregation Configuration↗2026-03-18

▶

GHSA

GHSA-rv6q-j73h-c4g9: A CSRF vulnerability in the Link Aggregation configuration interface allows an unauthenticated remote attacker to trick authenticated users into sendi↗2026-03-18

▶