Primary

Context

Phoenix Contact FL SWITCH 2xxx Web Management Reflected Cross-Site Scripting Vulnerability

Vulnerability

Patched

A reflected cross-site scripting vulnerability has been identified in the web-based management interface of Phoenix Contact FL SWITCH 2xxx devices, all versions prior to 3.50. This vulnerability allows an unauthenticated remote attacker to deceive an authenticated user into sending a manipulated POST request that alters device configuration parameters accessible through the web interface. The session cookie is protected with the httpOnly flag, preventing the attacker from hijacking the user's session.

Impact

Exploitation of this vulnerability could lead to unauthorized changes in device configuration via the web management interface.

Remediation

Users are advised to update to the latest FL SWITCH 2xxx firmware version 3.50, which addresses this vulnerability.

Added: Dec 9, 2025, 7:46 PM

Updated: Dec 9, 2025, 7:46 PM

Affected Products

Phoenix Contact FL SWITCH 2005

Moderate fix1 remedy

cpe:2.3:h:phoenixcontact:fl_switch_2005:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

< 3.50

Phoenix Contact FL SWITCH 2008

Moderate fix1 remedy

cpe:2.3:h:phoenixcontact:fl_switch_2008:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

< 3.50

Phoenix Contact FL SWITCH 2008F

Moderate fix1 remedy

cpe:2.3:h:phoenixcontact:fl_switch_2008f:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

< 3.50

Phoenix Contact FL SWITCH 2016

Moderate fix1 remedy

cpe:2.3:h:phoenixcontact:fl_switch_2016:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

< 3.50

Phoenix Contact FL SWITCH 2105

Moderate fix1 remedy

cpe:2.3:h:phoenixcontact:fl_switch_2105:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

< 3.50

Phoenix Contact FL SWITCH 2108

Moderate fix1 remedy

cpe:2.3:h:phoenixcontact:fl_switch_2108:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

< 3.50

Phoenix Contact FL SWITCH 2116

Moderate fix1 remedy

cpe:2.3:h:phoenixcontact:fl_switch_2116:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

< 3.50

Phoenix Contact FL SWITCH 2204-2TC-2SFX

Moderate fix1 remedy

cpe:2.3:h:phoenixcontact:fl_switch_2204-2tc-2sfx:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

< 3.50

Phoenix Contact FL SWITCH 2205

Moderate fix1 remedy

cpe:2.3:h:phoenixcontact:fl_switch_2205:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

< 3.50

Phoenix Contact FL SWITCH 2206-2FX

Moderate fix1 remedy

cpe:2.3:h:phoenixcontact:fl_switch_2206-2fx:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

< 3.50

Phoenix Contact FL SWITCH 2206-2FX SM

Moderate fix1 remedy

cpe:2.3:h:phoenixcontact:fl_switch_2206-2fx_sm:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

< 3.50

Phoenix Contact FL SWITCH 2206-2FX SM ST

Moderate fix1 remedy

cpe:2.3:h:phoenixcontact:fl_switch_2206-2fx_sm_st:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

< 3.50

Phoenix Contact FL SWITCH 2206-2FX ST

Moderate fix1 remedy

cpe:2.3:h:phoenixcontact:fl_switch_2206-2fx_st:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

< 3.50

Phoenix Contact FL SWITCH 2206-2SFX

Moderate fix1 remedy

cpe:2.3:h:phoenixcontact:fl_switch_2206-2sfx:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

< 3.50

Phoenix Contact FL SWITCH 2206-2SFX PN

Moderate fix1 remedy

cpe:2.3:h:phoenixcontact:fl_switch_2206-2sfx_pn:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

< 3.50

Phoenix Contact FL SWITCH 2404-2TC-2SFX

0 remedies

cpe:2.3:h:phoenixcontact:fl_switch_2404-2tc-2sfx:*:*:*:*:*:*:*, +1 more

0 remedies

Phoenix Contact FL SWITCH 2406-2SFX

0 remedies

cpe:2.3:h:phoenixcontact:fl_switch_2406-2sfx:*:*:*:*:*:*:*, +1 more

0 remedies

Phoenix Contact FL SWITCH 2406-2SFX PN

0 remedies

cpe:2.3:h:phoenixcontact:fl_switch_2406-2sfx_pn:*:*:*:*:*:*:*, +1 more

0 remedies

Phoenix Contact FL SWITCH 2412-2TC-2SFX

0 remedies

cpe:2.3:h:phoenixcontact:fl_switch_2412-2tc-2sfx:*:*:*:*:*:*:*, +1 more

0 remedies

Phoenix Contact FL SWITCH 2414-2SFX

0 remedies

cpe:2.3:h:phoenixcontact:fl_switch_2414-2sfx:*:*:*:*:*:*:*, +1 more

0 remedies

Phoenix Contact FL SWITCH 2416

Moderate fix1 remedy

cpe:2.3:h:phoenixcontact:fl_switch_2416:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

< 3.50

Phoenix Contact FL SWITCH 2504-2GC-2SFP

0 remedies

cpe:2.3:h:phoenixcontact:fl_switch_2504-2gc-2sfp:*:*:*:*:*:*:*, +1 more

0 remedies

Phoenix Contact FL SWITCH 2506-2SFP

0 remedies

cpe:2.3:h:phoenixcontact:fl_switch_2506-2sfp:*:*:*:*:*:*:*, +1 more

0 remedies

Phoenix Contact FL SWITCH 2506-2SFP PN

0 remedies

cpe:2.3:h:phoenixcontact:fl_switch_2506-2sfp_pn:*:*:*:*:*:*:*, +1 more

0 remedies

Phoenix Contact FL SWITCH 2506-2SFP/K1

0 remedies

cpe:2.3:h:phoenixcontact:fl_switch_2506-2sfp/k1:*:*:*:*:*:*:*, +1 more

0 remedies

Phoenix Contact FL SWITCH 2508

Moderate fix1 remedy

cpe:2.3:h:phoenixcontact:fl_switch_2508:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

< 3.50

Phoenix Contact FL SWITCH 2508 PN

0 remedies

cpe:2.3:h:phoenixcontact:fl_switch_2508_pn:*:*:*:*:*:*:*, +1 more

0 remedies

Phoenix Contact FL SWITCH 2508/K1

0 remedies

cpe:2.3:h:phoenixcontact:fl_switch_2508/k1:*:*:*:*:*:*:*, +1 more

0 remedies

Phoenix Contact FL SWITCH 2512-2GC-2SFP

0 remedies

cpe:2.3:h:phoenixcontact:fl_switch_2512-2gc-2sfp:*:*:*:*:*:*:*, +1 more

0 remedies

Phoenix Contact FL SWITCH 2514-2SFP

0 remedies

cpe:2.3:h:phoenixcontact:fl_switch_2514-2sfp:*:*:*:*:*:*:*, +1 more

0 remedies

Phoenix Contact FL SWITCH 2516

Moderate fix1 remedy

cpe:2.3:h:phoenixcontact:fl_switch_2516:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

< 3.50

Phoenix Contact FL SWITCH 2516 PN

0 remedies

cpe:2.3:h:phoenixcontact:fl_switch_2516_pn:*:*:*:*:*:*:*, +1 more

0 remedies

Phoenix Contact FL SWITCH 2608

Moderate fix1 remedy

cpe:2.3:h:phoenixcontact:fl_switch_2608:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

< 3.50

Phoenix Contact FL SWITCH 2608 PN

0 remedies

cpe:2.3:h:phoenixcontact:fl_switch_2608_pn:*:*:*:*:*:*:*, +1 more

0 remedies

Phoenix Contact FL SWITCH 2708

Moderate fix1 remedy

cpe:2.3:h:phoenixcontact:fl_switch_2708:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

< 3.50

Phoenix Contact FL SWITCH 2708 PN

0 remedies

cpe:2.3:h:phoenixcontact:fl_switch_2708_pn:*:*:*:*:*:*:*, +1 more

0 remedies

Vulnerability Rating

Custom Algorithm

spread

4.5

impact

1.7

exploitability

5.8

remediation

7.7

relevance

1.3

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

4.5

impact

1.7

exploitability

5.8

remediation

7.7

relevance

1.3

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.