HIGHπŸ‡΅πŸ‡± Wersja polska

CVE-2021-33532

CVSS 8.8v3.1pub. 2021-06-25upd. 2024-11-21

In Weidmueller Industrial WLAN devices in multiple versions an exploitable command injection vulnerability exists in the iw_webs functionality. A specially crafted diagnostic script file name can cause user input to be reflected in a subsequent iw_system call, resulting in remote control over the device. An attacker can send commands while authenticated as a low privilege user to trigger this vulnerability.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • Weidmueller Ie Wl Bl Ap Cl Eu

    HW
    Weidmueller
    wszystkie wersje
  • Weidmueller Ie Wl Bl Ap Cl Eu Firmware

    OS
    Weidmueller
    ≀ 1.11.10≀ 1.16.18
  • Weidmueller Ie Wl Bl Ap Cl Us

    HW
    Weidmueller
    wszystkie wersje
  • Weidmueller Ie Wl Bl Ap Cl Us Firmware

    OS
    Weidmueller
    ≀ 1.11.10≀ 1.16.18
  • Weidmueller Ie Wlt Bl Ap Cl Eu

    HW
    Weidmueller
    wszystkie wersje
  • Weidmueller Ie Wlt Bl Ap Cl Eu Firmware

    OS
    Weidmueller
    ≀ 1.16.18≀ 1.11.10
  • Weidmueller Ie Wlt Bl Ap Cl Us

    HW
    Weidmueller
    wszystkie wersje
  • Weidmueller Ie Wlt Bl Ap Cl Us Firmware

    OS
    Weidmueller
    ≀ 1.11.10≀ 1.16.18
  • Weidmueller Ie Wlt Vl Ap Br Cl Eu

    HW
    Weidmueller
    wszystkie wersje
  • Weidmueller Ie Wlt Vl Ap Br Cl Eu Firmware

    OS
    Weidmueller
    ≀ 1.11.10≀ 1.16.18
  • Weidmueller Ie Wlt Vl Ap Br Cl Us

    HW
    Weidmueller
    wszystkie wersje
  • Weidmueller Ie Wlt Vl Ap Br Cl Us Firmware

    OS
    Weidmueller
    ≀ 1.11.10≀ 1.16.18
  • Weidmueller Ie Wl Vl Ap Br Cl Eu

    HW
    Weidmueller
    wszystkie wersje
  • Weidmueller Ie Wl Vl Ap Br Cl Eu Firmware

    OS
    Weidmueller
    ≀ 1.11.10≀ 1.16.18
  • Weidmueller Ie Wl Vl Ap Br Cl Us

    HW
    Weidmueller
    wszystkie wersje
  • Weidmueller Ie Wl Vl Ap Br Cl Us Firmware

    OS
    Weidmueller
    ≀ 1.16.18≀ 1.11.10
πŸ”΅
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
Command Injection
CWE
References

Related vulnerabilities

CVE-2021-33529HIGH7.5ten sam produkt

In Weidmueller Industrial WLAN devices in multiple versions the usage of hard-coded cryptographic keys within ...

CVE-2021-33530HIGH8.8ten sam produkt

In Weidmueller Industrial WLAN devices in multiple versions an exploitable command injection vulnerability exi...

CVE-2021-33531HIGH8.8ten sam produkt

In Weidmueller Industrial WLAN devices in multiple versions an exploitable use of hard-coded credentials vulne...

CVE-2021-33533HIGH8.8ten sam produkt

In Weidmueller Industrial WLAN devices in multiple versions an exploitable command injection vulnerability exi...

CVE-2021-33528HIGH8.8ten sam produkt

In Weidmueller Industrial WLAN devices in multiple versions an exploitable privilege escalation vulnerability ...

CVE-2021-33532 β€” Weidmueller β€” Ie-Wl-Bl-Ap-Cl-Eu β€” HIGH β€” CVSS 8.8 | CVEbaza.pl