Phoenix Contact · Charx Sec-3000 · CVE-2025-41699
**Name of the Vulnerable Software and Affected Versions**
The product name cannot be determined. (affected versions not specified)
**Description**
A flaw exists in a web-based management interface that allows a low-privileged remote attacker with an account to execute arbitrary commands with root privileges. This is achieved through a command injection resulting from improper control of code generation. The issue can lead to a total loss of confidentiality, availability, and integrity.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.