Description
A stack-based buffer overflow in the device's Telnet/SSH CLI login routine occurs when a unauthenticated attacker send an oversized or unexpected username input. An overflow condition crashes the thread handling the login attempt, forcing the session to close. Because other CLI sessions remain unaffected, the impact is limited to a low‑severity availability disruption.
Published: 2026-03-18
Score: 5.3 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Availability Disruption
Action: Check Updates
AI Analysis

Impact

The vulnerability is a stack-based buffer overflow in the CLI login routine triggered by an oversized or unexpected username supplied over Telnet or SSH. The overflow corrupts the stack and crashes the login thread, closing the session. Because the crash is confined to the thread handling that user, other active CLI connections remain functional, qualifying the flaw primarily as a low‑severity availability disruption.

Affected Systems

Affected devices include Phoenix Contact FL series such as FL NAT 2008, FL NAT 2208, FL NAT 2304‑2GC‑2SFP, and a broad set of FL SWITCH models (e.g., FL SWITCH 2005, 2008, 2016, 2105, 2108, 2116, 2204‑2TC‑2SFX, 2205, 2206‑2FX, and higher‑end models up to FL SWITCH 5924‑4SFP+). The specific firmware versions affected are not disclosed, suggesting the flaw may persist across multiple releases of these products.

Risk and Exploitability

The CVSS base score is 5.3, indicating a medium overall risk. No EPSS value is available, and the flaw is not listed in the CISA KEV catalog. An attacker would exploit the vulnerability by sending an oversized username via an unauthenticated Telnet or SSH session. Though the crash affects only a single thread, repeated attacks could degrade overall CLI availability. The flaw is technically exploitable but would likely be detected if system activity is monitored.

Generated by OpenCVE AI on March 18, 2026 at 08:20 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply any vendor‑released patch or firmware update addressing the CLI login buffer overflow.
  • Restrict access to Telnet/SSH CLI ports to authorized IP addresses or VPN networks.
  • Disable the Telnet protocol if it is not required, or enforce SSH‑only access.
  • Implement logging and monitoring of CLI login attempts to detect abnormal username lengths.
  • If no patch is available, consider temporarily closing CLI ports from external networks.

Generated by OpenCVE AI on March 18, 2026 at 08:20 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Thu, 19 Mar 2026 09:45:00 +0000

Type Values Removed Values Added
First Time appeared Phoenixcontact
Phoenixcontact fl Nat 2008
Phoenixcontact fl Nat 2208
Phoenixcontact fl Nat 2304-2gc-2sfp
Phoenixcontact fl Switch 2005
Phoenixcontact fl Switch 2008
Phoenixcontact fl Switch 2008f
Phoenixcontact fl Switch 2016
Phoenixcontact fl Switch 2105
Phoenixcontact fl Switch 2108
Phoenixcontact fl Switch 2116
Phoenixcontact fl Switch 2204-2tc-2sfx
Phoenixcontact fl Switch 2205
Phoenixcontact fl Switch 2206-2fx
Phoenixcontact fl Switch 2206-2fx Sm
Phoenixcontact fl Switch 2206-2fx Sm St
Phoenixcontact fl Switch 2206-2fx St
Phoenixcontact fl Switch 2206-2sfx
Phoenixcontact fl Switch 2206-2sfx Pn
Phoenixcontact fl Switch 2206c-2fx
Phoenixcontact fl Switch 2207-fx
Phoenixcontact fl Switch 2207-fx Sm
Phoenixcontact fl Switch 2208
Phoenixcontact fl Switch 2208 Pn
Phoenixcontact fl Switch 2208c
Phoenixcontact fl Switch 2212-2tc-2sfx
Phoenixcontact fl Switch 2214-2fx
Phoenixcontact fl Switch 2214-2fx Sm
Phoenixcontact fl Switch 2214-2sfx
Phoenixcontact fl Switch 2214-2sfx Pn
Phoenixcontact fl Switch 2216
Phoenixcontact fl Switch 2216 Pn
Phoenixcontact fl Switch 2303-8sp1
Phoenixcontact fl Switch 2304-2gc-2sfp
Phoenixcontact fl Switch 2306-2sfp
Phoenixcontact fl Switch 2306-2sfp Pn
Phoenixcontact fl Switch 2308
Phoenixcontact fl Switch 2308 Pn
Phoenixcontact fl Switch 2312-2gc-2sfp
Phoenixcontact fl Switch 2314-2sfp
Phoenixcontact fl Switch 2314-2sfp Pn
Phoenixcontact fl Switch 2316
Phoenixcontact fl Switch 2316/k1
Phoenixcontact fl Switch 2316 Pn
Phoenixcontact fl Switch 2404-2tc-2sfx
Phoenixcontact fl Switch 2406-2sfx
Phoenixcontact fl Switch 2406-2sfx Pn
Phoenixcontact fl Switch 2408
Phoenixcontact fl Switch 2408 Pn
Phoenixcontact fl Switch 2412-2tc-2sfx
Phoenixcontact fl Switch 2414-2sfx
Phoenixcontact fl Switch 2414-2sfx Pn
Phoenixcontact fl Switch 2416
Phoenixcontact fl Switch 2416 Pn
Phoenixcontact fl Switch 2504-2gc-2sfp
Phoenixcontact fl Switch 2506-2sfp
Phoenixcontact fl Switch 2506-2sfp/k1
Phoenixcontact fl Switch 2506-2sfp Pn
Phoenixcontact fl Switch 2508
Phoenixcontact fl Switch 2508/k1
Phoenixcontact fl Switch 2508 Pn
Phoenixcontact fl Switch 2512-2gc-2sfp
Phoenixcontact fl Switch 2514-2sfp
Phoenixcontact fl Switch 2514-2sfp Pn
Phoenixcontact fl Switch 2516
Phoenixcontact fl Switch 2516 Pn
Phoenixcontact fl Switch 2608
Phoenixcontact fl Switch 2608 Pn
Phoenixcontact fl Switch 2708
Phoenixcontact fl Switch 2708 Pn
Phoenixcontact fl Switch 5916-8gc-4sfp+
Phoenixcontact fl Switch 5916sfp-8gc-4sfp+
Phoenixcontact fl Switch 5924-4gc
Phoenixcontact fl Switch 5924-4sfp+
Phoenixcontact fl Switch 5924sfp-4gc
Phoenixcontact fl Switch Tsn 2312-2gc-2sfp
Phoenixcontact fl Switch Tsn 2314-2sfp
Phoenixcontact fl Switch Tsn 2316
Vendors & Products Phoenixcontact
Phoenixcontact fl Nat 2008
Phoenixcontact fl Nat 2208
Phoenixcontact fl Nat 2304-2gc-2sfp
Phoenixcontact fl Switch 2005
Phoenixcontact fl Switch 2008
Phoenixcontact fl Switch 2008f
Phoenixcontact fl Switch 2016
Phoenixcontact fl Switch 2105
Phoenixcontact fl Switch 2108
Phoenixcontact fl Switch 2116
Phoenixcontact fl Switch 2204-2tc-2sfx
Phoenixcontact fl Switch 2205
Phoenixcontact fl Switch 2206-2fx
Phoenixcontact fl Switch 2206-2fx Sm
Phoenixcontact fl Switch 2206-2fx Sm St
Phoenixcontact fl Switch 2206-2fx St
Phoenixcontact fl Switch 2206-2sfx
Phoenixcontact fl Switch 2206-2sfx Pn
Phoenixcontact fl Switch 2206c-2fx
Phoenixcontact fl Switch 2207-fx
Phoenixcontact fl Switch 2207-fx Sm
Phoenixcontact fl Switch 2208
Phoenixcontact fl Switch 2208 Pn
Phoenixcontact fl Switch 2208c
Phoenixcontact fl Switch 2212-2tc-2sfx
Phoenixcontact fl Switch 2214-2fx
Phoenixcontact fl Switch 2214-2fx Sm
Phoenixcontact fl Switch 2214-2sfx
Phoenixcontact fl Switch 2214-2sfx Pn
Phoenixcontact fl Switch 2216
Phoenixcontact fl Switch 2216 Pn
Phoenixcontact fl Switch 2303-8sp1
Phoenixcontact fl Switch 2304-2gc-2sfp
Phoenixcontact fl Switch 2306-2sfp
Phoenixcontact fl Switch 2306-2sfp Pn
Phoenixcontact fl Switch 2308
Phoenixcontact fl Switch 2308 Pn
Phoenixcontact fl Switch 2312-2gc-2sfp
Phoenixcontact fl Switch 2314-2sfp
Phoenixcontact fl Switch 2314-2sfp Pn
Phoenixcontact fl Switch 2316
Phoenixcontact fl Switch 2316/k1
Phoenixcontact fl Switch 2316 Pn
Phoenixcontact fl Switch 2404-2tc-2sfx
Phoenixcontact fl Switch 2406-2sfx
Phoenixcontact fl Switch 2406-2sfx Pn
Phoenixcontact fl Switch 2408
Phoenixcontact fl Switch 2408 Pn
Phoenixcontact fl Switch 2412-2tc-2sfx
Phoenixcontact fl Switch 2414-2sfx
Phoenixcontact fl Switch 2414-2sfx Pn
Phoenixcontact fl Switch 2416
Phoenixcontact fl Switch 2416 Pn
Phoenixcontact fl Switch 2504-2gc-2sfp
Phoenixcontact fl Switch 2506-2sfp
Phoenixcontact fl Switch 2506-2sfp/k1
Phoenixcontact fl Switch 2506-2sfp Pn
Phoenixcontact fl Switch 2508
Phoenixcontact fl Switch 2508/k1
Phoenixcontact fl Switch 2508 Pn
Phoenixcontact fl Switch 2512-2gc-2sfp
Phoenixcontact fl Switch 2514-2sfp
Phoenixcontact fl Switch 2514-2sfp Pn
Phoenixcontact fl Switch 2516
Phoenixcontact fl Switch 2516 Pn
Phoenixcontact fl Switch 2608
Phoenixcontact fl Switch 2608 Pn
Phoenixcontact fl Switch 2708
Phoenixcontact fl Switch 2708 Pn
Phoenixcontact fl Switch 5916-8gc-4sfp+
Phoenixcontact fl Switch 5916sfp-8gc-4sfp+
Phoenixcontact fl Switch 5924-4gc
Phoenixcontact fl Switch 5924-4sfp+
Phoenixcontact fl Switch 5924sfp-4gc
Phoenixcontact fl Switch Tsn 2312-2gc-2sfp
Phoenixcontact fl Switch Tsn 2314-2sfp
Phoenixcontact fl Switch Tsn 2316

Wed, 18 Mar 2026 14:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Wed, 18 Mar 2026 07:45:00 +0000

Type Values Removed Values Added
Description A stack-based buffer overflow in the device's Telnet/SSH CLI login routine occurs when a unauthenticated attacker send an oversized or unexpected username input. An overflow condition crashes the thread handling the login attempt, forcing the session to close. Because other CLI sessions remain unaffected, the impact is limited to a low‑severity availability disruption.
Title Stack-Based Buffer Overflow in CLI Login Username Handling over CLI
Weaknesses CWE-121
References
Metrics cvssV3_1

{'score': 5.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L'}

Subscriptions

Phoenixcontact Fl Nat 2008 Fl Nat 2208 Fl Nat 2304-2gc-2sfp Fl Switch 2005 Fl Switch 2008 Fl Switch 2008f Fl Switch 2016 Fl Switch 2105 Fl Switch 2108 Fl Switch 2116 Fl Switch 2204-2tc-2sfx Fl Switch 2205 Fl Switch 2206-2fx Fl Switch 2206-2fx Sm Fl Switch 2206-2fx Sm St Fl Switch 2206-2fx St Fl Switch 2206-2sfx Fl Switch 2206-2sfx Pn Fl Switch 2206c-2fx Fl Switch 2207-fx Fl Switch 2207-fx Sm Fl Switch 2208 Fl Switch 2208 Pn Fl Switch 2208c Fl Switch 2212-2tc-2sfx Fl Switch 2214-2fx Fl Switch 2214-2fx Sm Fl Switch 2214-2sfx Fl Switch 2214-2sfx Pn Fl Switch 2216 Fl Switch 2216 Pn Fl Switch 2303-8sp1 Fl Switch 2304-2gc-2sfp Fl Switch 2306-2sfp Fl Switch 2306-2sfp Pn Fl Switch 2308 Fl Switch 2308 Pn Fl Switch 2312-2gc-2sfp Fl Switch 2314-2sfp Fl Switch 2314-2sfp Pn Fl Switch 2316 Fl Switch 2316/k1 Fl Switch 2316 Pn Fl Switch 2404-2tc-2sfx Fl Switch 2406-2sfx Fl Switch 2406-2sfx Pn Fl Switch 2408 Fl Switch 2408 Pn Fl Switch 2412-2tc-2sfx Fl Switch 2414-2sfx Fl Switch 2414-2sfx Pn Fl Switch 2416 Fl Switch 2416 Pn Fl Switch 2504-2gc-2sfp Fl Switch 2506-2sfp Fl Switch 2506-2sfp/k1 Fl Switch 2506-2sfp Pn Fl Switch 2508 Fl Switch 2508/k1 Fl Switch 2508 Pn Fl Switch 2512-2gc-2sfp Fl Switch 2514-2sfp Fl Switch 2514-2sfp Pn Fl Switch 2516 Fl Switch 2516 Pn Fl Switch 2608 Fl Switch 2608 Pn Fl Switch 2708 Fl Switch 2708 Pn Fl Switch 5916-8gc-4sfp+ Fl Switch 5916sfp-8gc-4sfp+ Fl Switch 5924-4gc Fl Switch 5924-4sfp+ Fl Switch 5924sfp-4gc Fl Switch Tsn 2312-2gc-2sfp Fl Switch Tsn 2314-2sfp Fl Switch Tsn 2316
cve-icon MITRE

Status: PUBLISHED

Assigner: CERTVDE

Published:

Updated: 2026-03-18T13:32:24.892Z

Reserved: 2026-01-07T11:49:15.178Z

Link: CVE-2026-22321

cve-icon Vulnrichment

Updated: 2026-03-18T13:32:21.211Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2026-03-18T08:16:29.527

Modified: 2026-03-18T14:52:44.227

Link: CVE-2026-22321

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-03-24T10:59:08Z

Weaknesses