📦 Fl Switch 2316\/k1 Firmware

An unauthenticated cross-site scripting (XSS) vulnerability in pxc_Dot1xCfg.php allows attackers to trick authenticated users into clicking malicious links, enabling unauthorized changes to device con...

An unauthenticated cross-site scripting (XSS) vulnerability in port_util.php allows attackers to trick authenticated users into clicking malicious links, enabling unauthorized changes to device config...

An unauthenticated cross-site scripting (XSS) vulnerability in pxc_PortCfg.php allows attackers to trick authenticated users into clicking malicious links, enabling unauthorized changes to device conf...

An unauthenticated cross-site scripting (XSS) vulnerability in pxc_portCntr.php allows attackers to trick authenticated users into clicking malicious links that modify device configuration parameters ...

An unauthenticated cross-site scripting (XSS) vulnerability in pxc_portSfp.php allows attackers to trick authenticated users into clicking malicious links that modify device configuration parameters v...

An unauthenticated cross-site scripting (XSS) vulnerability in pxc_portCntr2.php allows attackers to trick authenticated users into sending malicious POST requests that modify device configuration par...

An unauthenticated cross-site scripting (XSS) vulnerability in pxc_portSecCfg.php allows attackers to trick authenticated users into sending malicious POST requests that modify device configuration pa...

An unauthenticated cross-site scripting (XSS) vulnerability in pxc_vlanIntfCfg.php allows attackers to trick authenticated users into sending malicious POST requests that modify device configuration p...

An unauthenticated cross-site scripting (XSS) vulnerability in dyn_conn.php allows attackers to trick authenticated users into sending malicious POST requests that modify device configuration paramete...

This vulnerability allows attackers to use an undocumented UART port on the PCB as a side-channel to gain read access to parts of the device's filesystem. Attackers must first obtain hardcoded credent...

This vulnerability allows attackers to exploit an undocumented UART port on printed circuit boards as a side-channel attack vector to gain root access, typically after obtaining credentials through CV...

This vulnerability allows a high-privileged remote attacker with webUI admin access to brute-force the underlying OS root and user passwords due to weak password generation. Affected systems are those...

A low-privileged remote attacker can exploit SSH functionality to execute commands after authentication, causing resource exhaustion that degrades management performance. This affects systems with vul...

A low-privileged remote attacker can send a webshell request with an empty command containing whitespace, causing the web server to block while waiting for more data. This creates a denial-of-service ...