CNNVD-202510-2068 Information

CNNVD ID

CNNVD-202510-2068

Related CVE

CVE-2025-41705

• CNNVD Published: 2025-10-14

Description (Chinese)

Phoenix Contact QUINT4-UPS/24DC/24DC/10/EIP是德国菲尼克斯电气（Phoenix Contact）公司的一款工业级直流不间断电源模块。 Phoenix Contact QUINT4-UPS/24DC/24DC/10/EIP存在安全漏洞，该漏洞源于未经验证的远程攻击者可通过拦截websocket消息获取登录凭据。

Description (English)

Phoenix Contact QUINT4-UPS/24DC/24DC/10/EIP is an industrial-level uninterruptible direct power supply module of Phoenix Contact, Germany. Phoenix Contact QuINT4-UPS/24DC/24DC/10/EIP has a security loophole, which stems from unverified remote assailants who can obtain access to documents by intercepting websocket information.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

菲尼克斯电气

Published

2025-10-14

Last Modified

2026-02-24

References

https://certvde.com/de/advisories/VDE-2025-072 https://access.redhat.com/security/cve/cve-2025-41705

Patch

https://www.phoenixcontact.com/global-search/search?q=QUINT4-UPS%2F24DC%2F24DC%2F10%2FEIP&_locale=zh-CN&_realm=cn