CVE 8.8 HIGH

Config-Upload Code Injection_CVE-2025-41717

January 13, 2026 invoker category_cve

8.8 / 10

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Description

An unauthenticated remote attacker can trick a high privileged user into uploading a malicious payload via the config-upload endpoint, leading to code injection as root. This results in a total loss of confidentiality, availability and integrity due to improper control of code generation ('Code Injection’).

AI Analysis

Code injection vulnerability in Phoenix Contact products due to improper control of code generation, allowing remote attackers to inject malicious code as root, resulting in total loss of confidentiality, availability, and integrity.

Basic Information

ID CVE-2025-41717

Source CERTVDE

Published Jan 13, 2026 at 07:48

Affected Product

Vendor Phoenix Contact

Product TC ROUTER 3002T-3G

Version 0.0.0

Affected Versions Phoenix Contact TC ROUTER 3002T-3G 0.0.0
Phoenix Contact TC ROUTER 2002T-3G 0.0.0
Phoenix Contact TC ROUTER 3002T-4G 0.0.0
Phoenix Contact TC ROUTER 3002T-4G GL 0.0.0
Phoenix Contact TC ROUTER 5004T-5G EU 0.0.0
Phoenix Contact TC ROUTER 3002T-4G VZW 0.0.0
Phoenix Contact TC ROUTER 3002T-4G ATT 0.0.0
Phoenix Contact TC ROUTER 2002T-4G 0.0.0
Phoenix Contact CLOUD CLIENT 1101T-TX/TX 0.0.0
Phoenix Contact TC CLOUD CLIENT 1002-4G ATT 0.0.0
Phoenix Contact TC CLOUD CLIENT 1002-TX/TX 0.0.0

CWE Classification

CWE-94

AI Assessment

AI Score 8.8 / 10

AI Severity High

Vendor Phoenix Contact

Product TC ROUTER 3002T-3G, TC ROUTER 2002T-3G, TC ROUTER 3002T-4G, TC ROUTER 3002T-4G GL, TC ROUTER 5004T-5G EU, TC ROUTER 3002T-4G VZW, TC ROUTER 3002T-4G ATT, TC ROUTER 2002T-4G, CLOUD CLIENT 1101T-TX/TX, TC CLOUD CLIENT 1002-4G ATT, TC CLOUD CLIENT 1002-TX/TX

Version 0.0.0

References

certvde.com /de/advisories/VDE-2025-073

{
    "lastseen": "",
    "description": "An unauthenticated remote attacker can trick a high privileged user into uploading a malicious payload via the config-upload endpoint, leading to code injection as root. This results in a total loss of confidentiality, availability and integrity due to improper control of code generation ('Code Injection\u2019).",
    "published": "2026-01-13T07:48:19.811Z",
    "modified": "2026-01-13T07:48:19.811Z",
    "type": "cve",
    "title": "Config-Upload Code Injection",
    "source": "CERTVDE",
    "references": "https://certvde.com/de/advisories/VDE-2025-073",
    "id": "CVE-2025-41717",
    "bulletinFamily": "",
    "cwe": [
        "CWE-94"
    ],
    "cvelist": null,
    "sourceData": "Phoenix Contact TC ROUTER 3002T-3G 0.0.0\nPhoenix Contact TC ROUTER 2002T-3G 0.0.0\nPhoenix Contact TC ROUTER 3002T-4G 0.0.0\nPhoenix Contact TC ROUTER 3002T-4G GL 0.0.0\nPhoenix Contact TC ROUTER 5004T-5G EU 0.0.0\nPhoenix Contact TC ROUTER 3002T-4G VZW 0.0.0\nPhoenix Contact TC ROUTER 3002T-4G ATT 0.0.0\nPhoenix Contact TC ROUTER 2002T-4G 0.0.0\nPhoenix Contact CLOUD CLIENT 1101T-TX/TX 0.0.0\nPhoenix Contact TC CLOUD CLIENT 1002-4G ATT 0.0.0\nPhoenix Contact TC CLOUD CLIENT 1002-TX/TX 0.0.0",
    "sourceHref": "",
    "cvss": {
        "score": 8.8,
        "severity": "HIGH",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "TC ROUTER 3002T-3G",
    "version": "0.0.0",
    "vendor": "Phoenix Contact",
    "ai_description": "Code injection vulnerability in Phoenix Contact products due to improper control of code generation, allowing remote attackers to inject malicious code as root, resulting in total loss of confidentiality, availability, and integrity.",
    "ai_severity": "High",
    "ai_vendor": "Phoenix Contact",
    "ai_product": "TC ROUTER 3002T-3G, TC ROUTER 2002T-3G, TC ROUTER 3002T-4G, TC ROUTER 3002T-4G GL, TC ROUTER 5004T-5G EU, TC ROUTER 3002T-4G VZW, TC ROUTER 3002T-4G ATT, TC ROUTER 2002T-4G, CLOUD CLIENT 1101T-TX/TX, TC CLOUD CLIENT 1002-4G ATT, TC CLOUD CLIENT 1002-TX/TX",
    "ai_version": "0.0.0",
    "ai_score": 8.8
}

💭 Join the Security Discussion ❌ Cancel Reply