CVE-2026-22323 - Vulnerability Details

A CSRF vulnerability in the Link Aggregation configuration interface allows an unauthenticated remote attacker to trick authenticated users into sending unauthorized POST requests to the device by luring them to a malicious webpage. This can silently alter the device’s configuration without the victim’s knowledge or consent. Availability impact was set to low because after a successful attack the device will automatically recover without external intervention.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact Low

User Interaction Required

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00037.

Exploitation none

Automatable no

Technical Impact partial

Vendors	Products
Phoenixcontact Subscribe	Fl Nat 2008 Subscribe Fl Nat 2208 Subscribe Fl Nat 2304-2gc-2sfp Subscribe Fl Switch 2005 Subscribe Fl Switch 2008 Subscribe Fl Switch 2008f Subscribe Fl Switch 2016 Subscribe Fl Switch 2105 Subscribe Fl Switch 2108 Subscribe Fl Switch 2116 Subscribe Fl Switch 2204-2tc-2sfx Subscribe Fl Switch 2205 Subscribe Fl Switch 2206-2fx Subscribe Fl Switch 2206-2fx Sm Subscribe Fl Switch 2206-2fx Sm St Subscribe Fl Switch 2206-2fx St Subscribe Fl Switch 2206-2sfx Subscribe Fl Switch 2206-2sfx Pn Subscribe Fl Switch 2206c-2fx Subscribe Fl Switch 2207-fx Subscribe Fl Switch 2207-fx Sm Subscribe Fl Switch 2208 Subscribe Fl Switch 2208 Pn Subscribe Fl Switch 2208c Subscribe Fl Switch 2212-2tc-2sfx Subscribe Fl Switch 2214-2fx Subscribe Fl Switch 2214-2fx Sm Subscribe Fl Switch 2214-2sfx Subscribe Fl Switch 2214-2sfx Pn Subscribe Fl Switch 2216 Subscribe Fl Switch 2216 Pn Subscribe Fl Switch 2303-8sp1 Subscribe Fl Switch 2304-2gc-2sfp Subscribe Fl Switch 2306-2sfp Subscribe Fl Switch 2306-2sfp Pn Subscribe Fl Switch 2308 Subscribe Fl Switch 2308 Pn Subscribe Fl Switch 2312-2gc-2sfp Subscribe Fl Switch 2314-2sfp Subscribe Fl Switch 2314-2sfp Pn Subscribe Fl Switch 2316 Subscribe Fl Switch 2316/k1 Subscribe Fl Switch 2316 Pn Subscribe Fl Switch 2404-2tc-2sfx Subscribe Fl Switch 2406-2sfx Subscribe Fl Switch 2406-2sfx Pn Subscribe Fl Switch 2408 Subscribe Fl Switch 2408 Pn Subscribe Fl Switch 2412-2tc-2sfx Subscribe Fl Switch 2414-2sfx Subscribe Fl Switch 2414-2sfx Pn Subscribe Fl Switch 2416 Subscribe Fl Switch 2416 Pn Subscribe Fl Switch 2504-2gc-2sfp Subscribe Fl Switch 2506-2sfp Subscribe Fl Switch 2506-2sfp/k1 Subscribe Fl Switch 2506-2sfp Pn Subscribe Fl Switch 2508 Subscribe Fl Switch 2508/k1 Subscribe Fl Switch 2508 Pn Subscribe Fl Switch 2512-2gc-2sfp Subscribe Fl Switch 2514-2sfp Subscribe Fl Switch 2514-2sfp Pn Subscribe Fl Switch 2516 Subscribe Fl Switch 2516 Pn Subscribe Fl Switch 2608 Subscribe Fl Switch 2608 Pn Subscribe Fl Switch 2708 Subscribe Fl Switch 2708 Pn Subscribe Fl Switch 5916-8gc-4sfp+ Subscribe Fl Switch 5916sfp-8gc-4sfp+ Subscribe Fl Switch 5924-4gc Subscribe Fl Switch 5924-4sfp+ Subscribe Fl Switch 5924sfp-4gc Subscribe Fl Switch Tsn 2312-2gc-2sfp Subscribe Fl Switch Tsn 2314-2sfp Subscribe Fl Switch Tsn 2316 Subscribe

No data.

OpenCVE Enrichment is a feature of OpenCVE that uses AI to automatically link vendors and products to CVEs. Learn more on GitHub.

Vendors	Products
Phoenixcontact Subscribe	Fl Nat 2008 Subscribe Fl Nat 2208 Subscribe Fl Nat 2304-2gc-2sfp Subscribe Fl Switch 2005 Subscribe Fl Switch 2008 Subscribe Fl Switch 2008f Subscribe Fl Switch 2016 Subscribe Fl Switch 2105 Subscribe Fl Switch 2108 Subscribe Fl Switch 2116 Subscribe Fl Switch 2204-2tc-2sfx Subscribe Fl Switch 2205 Subscribe Fl Switch 2206-2fx Subscribe Fl Switch 2206-2fx Sm Subscribe Fl Switch 2206-2fx Sm St Subscribe Fl Switch 2206-2fx St Subscribe Fl Switch 2206-2sfx Subscribe Fl Switch 2206-2sfx Pn Subscribe Fl Switch 2206c-2fx Subscribe Fl Switch 2207-fx Subscribe Fl Switch 2207-fx Sm Subscribe Fl Switch 2208 Subscribe Fl Switch 2208 Pn Subscribe Fl Switch 2208c Subscribe Fl Switch 2212-2tc-2sfx Subscribe Fl Switch 2214-2fx Subscribe Fl Switch 2214-2fx Sm Subscribe Fl Switch 2214-2sfx Subscribe Fl Switch 2214-2sfx Pn Subscribe Fl Switch 2216 Subscribe Fl Switch 2216 Pn Subscribe Fl Switch 2303-8sp1 Subscribe Fl Switch 2304-2gc-2sfp Subscribe Fl Switch 2306-2sfp Subscribe Fl Switch 2306-2sfp Pn Subscribe Fl Switch 2308 Subscribe Fl Switch 2308 Pn Subscribe Fl Switch 2312-2gc-2sfp Subscribe Fl Switch 2314-2sfp Subscribe Fl Switch 2314-2sfp Pn Subscribe Fl Switch 2316 Subscribe Fl Switch 2316/k1 Subscribe Fl Switch 2316 Pn Subscribe Fl Switch 2404-2tc-2sfx Subscribe Fl Switch 2406-2sfx Subscribe Fl Switch 2406-2sfx Pn Subscribe Fl Switch 2408 Subscribe Fl Switch 2408 Pn Subscribe Fl Switch 2412-2tc-2sfx Subscribe Fl Switch 2414-2sfx Subscribe Fl Switch 2414-2sfx Pn Subscribe Fl Switch 2416 Subscribe Fl Switch 2416 Pn Subscribe Fl Switch 2504-2gc-2sfp Subscribe Fl Switch 2506-2sfp Subscribe Fl Switch 2506-2sfp/k1 Subscribe Fl Switch 2506-2sfp Pn Subscribe Fl Switch 2508 Subscribe Fl Switch 2508/k1 Subscribe Fl Switch 2508 Pn Subscribe Fl Switch 2512-2gc-2sfp Subscribe Fl Switch 2514-2sfp Subscribe Fl Switch 2514-2sfp Pn Subscribe Fl Switch 2516 Subscribe Fl Switch 2516 Pn Subscribe Fl Switch 2608 Subscribe Fl Switch 2608 Pn Subscribe Fl Switch 2708 Subscribe Fl Switch 2708 Pn Subscribe Fl Switch 5916-8gc-4sfp+ Subscribe Fl Switch 5916sfp-8gc-4sfp+ Subscribe Fl Switch 5924-4gc Subscribe Fl Switch 5924-4sfp+ Subscribe Fl Switch 5924sfp-4gc Subscribe Fl Switch Tsn 2312-2gc-2sfp Subscribe Fl Switch Tsn 2314-2sfp Subscribe Fl Switch Tsn 2316 Subscribe

Advisories

No advisories yet.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://certvde.com/de/advisories/VDE-2025-104

History

Thu, 19 Mar 2026 09:45:00 +0000

Type	Values Removed	Values Added
First Time appeared		Phoenixcontact Phoenixcontact fl Nat 2008 Phoenixcontact fl Nat 2208 Phoenixcontact fl Nat 2304-2gc-2sfp Phoenixcontact fl Switch 2005 Phoenixcontact fl Switch 2008 Phoenixcontact fl Switch 2008f Phoenixcontact fl Switch 2016 Phoenixcontact fl Switch 2105 Phoenixcontact fl Switch 2108 Phoenixcontact fl Switch 2116 Phoenixcontact fl Switch 2204-2tc-2sfx Phoenixcontact fl Switch 2205 Phoenixcontact fl Switch 2206-2fx Phoenixcontact fl Switch 2206-2fx Sm Phoenixcontact fl Switch 2206-2fx Sm St Phoenixcontact fl Switch 2206-2fx St Phoenixcontact fl Switch 2206-2sfx Phoenixcontact fl Switch 2206-2sfx Pn Phoenixcontact fl Switch 2206c-2fx Phoenixcontact fl Switch 2207-fx Phoenixcontact fl Switch 2207-fx Sm Phoenixcontact fl Switch 2208 Phoenixcontact fl Switch 2208 Pn Phoenixcontact fl Switch 2208c Phoenixcontact fl Switch 2212-2tc-2sfx Phoenixcontact fl Switch 2214-2fx Phoenixcontact fl Switch 2214-2fx Sm Phoenixcontact fl Switch 2214-2sfx Phoenixcontact fl Switch 2214-2sfx Pn Phoenixcontact fl Switch 2216 Phoenixcontact fl Switch 2216 Pn Phoenixcontact fl Switch 2303-8sp1 Phoenixcontact fl Switch 2304-2gc-2sfp Phoenixcontact fl Switch 2306-2sfp Phoenixcontact fl Switch 2306-2sfp Pn Phoenixcontact fl Switch 2308 Phoenixcontact fl Switch 2308 Pn Phoenixcontact fl Switch 2312-2gc-2sfp Phoenixcontact fl Switch 2314-2sfp Phoenixcontact fl Switch 2314-2sfp Pn Phoenixcontact fl Switch 2316 Phoenixcontact fl Switch 2316/k1 Phoenixcontact fl Switch 2316 Pn Phoenixcontact fl Switch 2404-2tc-2sfx Phoenixcontact fl Switch 2406-2sfx Phoenixcontact fl Switch 2406-2sfx Pn Phoenixcontact fl Switch 2408 Phoenixcontact fl Switch 2408 Pn Phoenixcontact fl Switch 2412-2tc-2sfx Phoenixcontact fl Switch 2414-2sfx Phoenixcontact fl Switch 2414-2sfx Pn Phoenixcontact fl Switch 2416 Phoenixcontact fl Switch 2416 Pn Phoenixcontact fl Switch 2504-2gc-2sfp Phoenixcontact fl Switch 2506-2sfp Phoenixcontact fl Switch 2506-2sfp/k1 Phoenixcontact fl Switch 2506-2sfp Pn Phoenixcontact fl Switch 2508 Phoenixcontact fl Switch 2508/k1 Phoenixcontact fl Switch 2508 Pn Phoenixcontact fl Switch 2512-2gc-2sfp Phoenixcontact fl Switch 2514-2sfp Phoenixcontact fl Switch 2514-2sfp Pn Phoenixcontact fl Switch 2516 Phoenixcontact fl Switch 2516 Pn Phoenixcontact fl Switch 2608 Phoenixcontact fl Switch 2608 Pn Phoenixcontact fl Switch 2708 Phoenixcontact fl Switch 2708 Pn Phoenixcontact fl Switch 5916-8gc-4sfp+ Phoenixcontact fl Switch 5916sfp-8gc-4sfp+ Phoenixcontact fl Switch 5924-4gc Phoenixcontact fl Switch 5924-4sfp+ Phoenixcontact fl Switch 5924sfp-4gc Phoenixcontact fl Switch Tsn 2312-2gc-2sfp Phoenixcontact fl Switch Tsn 2314-2sfp Phoenixcontact fl Switch Tsn 2316
Vendors & Products		Phoenixcontact Phoenixcontact fl Nat 2008 Phoenixcontact fl Nat 2208 Phoenixcontact fl Nat 2304-2gc-2sfp Phoenixcontact fl Switch 2005 Phoenixcontact fl Switch 2008 Phoenixcontact fl Switch 2008f Phoenixcontact fl Switch 2016 Phoenixcontact fl Switch 2105 Phoenixcontact fl Switch 2108 Phoenixcontact fl Switch 2116 Phoenixcontact fl Switch 2204-2tc-2sfx Phoenixcontact fl Switch 2205 Phoenixcontact fl Switch 2206-2fx Phoenixcontact fl Switch 2206-2fx Sm Phoenixcontact fl Switch 2206-2fx Sm St Phoenixcontact fl Switch 2206-2fx St Phoenixcontact fl Switch 2206-2sfx Phoenixcontact fl Switch 2206-2sfx Pn Phoenixcontact fl Switch 2206c-2fx Phoenixcontact fl Switch 2207-fx Phoenixcontact fl Switch 2207-fx Sm Phoenixcontact fl Switch 2208 Phoenixcontact fl Switch 2208 Pn Phoenixcontact fl Switch 2208c Phoenixcontact fl Switch 2212-2tc-2sfx Phoenixcontact fl Switch 2214-2fx Phoenixcontact fl Switch 2214-2fx Sm Phoenixcontact fl Switch 2214-2sfx Phoenixcontact fl Switch 2214-2sfx Pn Phoenixcontact fl Switch 2216 Phoenixcontact fl Switch 2216 Pn Phoenixcontact fl Switch 2303-8sp1 Phoenixcontact fl Switch 2304-2gc-2sfp Phoenixcontact fl Switch 2306-2sfp Phoenixcontact fl Switch 2306-2sfp Pn Phoenixcontact fl Switch 2308 Phoenixcontact fl Switch 2308 Pn Phoenixcontact fl Switch 2312-2gc-2sfp Phoenixcontact fl Switch 2314-2sfp Phoenixcontact fl Switch 2314-2sfp Pn Phoenixcontact fl Switch 2316 Phoenixcontact fl Switch 2316/k1 Phoenixcontact fl Switch 2316 Pn Phoenixcontact fl Switch 2404-2tc-2sfx Phoenixcontact fl Switch 2406-2sfx Phoenixcontact fl Switch 2406-2sfx Pn Phoenixcontact fl Switch 2408 Phoenixcontact fl Switch 2408 Pn Phoenixcontact fl Switch 2412-2tc-2sfx Phoenixcontact fl Switch 2414-2sfx Phoenixcontact fl Switch 2414-2sfx Pn Phoenixcontact fl Switch 2416 Phoenixcontact fl Switch 2416 Pn Phoenixcontact fl Switch 2504-2gc-2sfp Phoenixcontact fl Switch 2506-2sfp Phoenixcontact fl Switch 2506-2sfp/k1 Phoenixcontact fl Switch 2506-2sfp Pn Phoenixcontact fl Switch 2508 Phoenixcontact fl Switch 2508/k1 Phoenixcontact fl Switch 2508 Pn Phoenixcontact fl Switch 2512-2gc-2sfp Phoenixcontact fl Switch 2514-2sfp Phoenixcontact fl Switch 2514-2sfp Pn Phoenixcontact fl Switch 2516 Phoenixcontact fl Switch 2516 Pn Phoenixcontact fl Switch 2608 Phoenixcontact fl Switch 2608 Pn Phoenixcontact fl Switch 2708 Phoenixcontact fl Switch 2708 Pn Phoenixcontact fl Switch 5916-8gc-4sfp+ Phoenixcontact fl Switch 5916sfp-8gc-4sfp+ Phoenixcontact fl Switch 5924-4gc Phoenixcontact fl Switch 5924-4sfp+ Phoenixcontact fl Switch 5924sfp-4gc Phoenixcontact fl Switch Tsn 2312-2gc-2sfp Phoenixcontact fl Switch Tsn 2314-2sfp Phoenixcontact fl Switch Tsn 2316

Wed, 18 Mar 2026 15:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Wed, 18 Mar 2026 07:45:00 +0000

Type	Values Removed	Values Added
Description		A CSRF vulnerability in the Link Aggregation configuration interface allows an unauthenticated remote attacker to trick authenticated users into sending unauthorized POST requests to the device by luring them to a malicious webpage. This can silently alter the device’s configuration without the victim’s knowledge or consent. Availability impact was set to low because after a successful attack the device will automatically recover without external intervention.
Title		Cross‑Site Request Forgery in Link Aggregation Configuration
Weaknesses		CWE-352
References		https://certvde.com/de/advisories/VDE-2025-104
Metrics		cvssV3_1 `{'score': 7.1, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:L'}`

Projects

Sign in to view the affected projects.

MITRE

Status: PUBLISHED

Assigner: CERTVDE

Published: 2026-03-18T07:35:09.084Z

Updated: 2026-03-18T15:06:10.713Z

Reserved: 2026-01-07T11:49:15.178Z

Link: CVE-2026-22323

Vulnrichment

Updated: 2026-03-18T15:06:04.048Z

NVD

Status : Awaiting Analysis

Published: 2026-03-18T08:16:30.513

Modified: 2026-03-18T14:52:44.227

Link: CVE-2026-22323

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-03-19T08:56:49Z

Weaknesses

CWE-352

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact Low

User Interaction Required

Exploitation none

Automatable no

Technical Impact partial

Affected Vendors & Products

Projects

JSON object

JSON object

JSON object

JSON object

JSON object