CVE-2016-8371

HIGH

Phoenix Contact ILC PLCs - Info Disclosure

Title source: llm

Description

The web server in Phoenix Contact ILC PLCs can be accessed without authenticating even if the authentication mechanism is enabled.

Exploits (1)

exploitdb WORKING POC
by Photubias · pythonwebappswindows
https://www.exploit-db.com/exploits/45590

References (3)

Scores

CVSS v3 7.3
EPSS 0.1253
EPSS Percentile 93.8%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Classification

CWE
CWE-287 CWE-592
Status published

Affected Products (1)

phoenixcontact/ilc_plcs_firmware

Timeline

Published Apr 05, 2018
Tracked Since Feb 18, 2026