HIGH🇬🇧 English

CVE-2021-33531

CVSS 8.8v3.1pub. 2021-06-25upd. 2024-11-21

In Weidmueller Industrial WLAN devices in multiple versions an exploitable use of hard-coded credentials vulnerability exists in multiple iw_* utilities. The device operating system contains an undocumented encryption password, allowing for the creation of custom diagnostic scripts. An attacker can send diagnostic scripts while authenticated as a low privilege user to trigger this vulnerability.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • Weidmueller Ie Wl Bl Ap Cl Eu

    HW
    Weidmueller
    wszystkie wersje
  • Weidmueller Ie Wl Bl Ap Cl Eu Firmware

    OS
    Weidmueller
    ≤ 1.11.10≤ 1.16.18
  • Weidmueller Ie Wl Bl Ap Cl Us

    HW
    Weidmueller
    wszystkie wersje
  • Weidmueller Ie Wl Bl Ap Cl Us Firmware

    OS
    Weidmueller
    ≤ 1.11.10≤ 1.16.18
  • Weidmueller Ie Wlt Bl Ap Cl Eu

    HW
    Weidmueller
    wszystkie wersje
  • Weidmueller Ie Wlt Bl Ap Cl Eu Firmware

    OS
    Weidmueller
    ≤ 1.16.18≤ 1.11.10
  • Weidmueller Ie Wlt Bl Ap Cl Us

    HW
    Weidmueller
    wszystkie wersje
  • Weidmueller Ie Wlt Bl Ap Cl Us Firmware

    OS
    Weidmueller
    ≤ 1.11.10≤ 1.16.18
  • Weidmueller Ie Wlt Vl Ap Br Cl Eu

    HW
    Weidmueller
    wszystkie wersje
  • Weidmueller Ie Wlt Vl Ap Br Cl Eu Firmware

    OS
    Weidmueller
    ≤ 1.11.10≤ 1.16.18
  • Weidmueller Ie Wlt Vl Ap Br Cl Us

    HW
    Weidmueller
    wszystkie wersje
  • Weidmueller Ie Wlt Vl Ap Br Cl Us Firmware

    OS
    Weidmueller
    ≤ 1.11.10≤ 1.16.18
  • Weidmueller Ie Wl Vl Ap Br Cl Eu

    HW
    Weidmueller
    wszystkie wersje
  • Weidmueller Ie Wl Vl Ap Br Cl Eu Firmware

    OS
    Weidmueller
    ≤ 1.11.10≤ 1.16.18
  • Weidmueller Ie Wl Vl Ap Br Cl Us

    HW
    Weidmueller
    wszystkie wersje
  • Weidmueller Ie Wl Vl Ap Br Cl Us Firmware

    OS
    Weidmueller
    ≤ 1.16.18≤ 1.11.10
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2021-33529HIGH7.5ten sam produkt

In Weidmueller Industrial WLAN devices in multiple versions the usage of hard-coded cryptographic keys within ...

CVE-2021-33530HIGH8.8ten sam produkt

In Weidmueller Industrial WLAN devices in multiple versions an exploitable command injection vulnerability exi...

CVE-2021-33532HIGH8.8ten sam produkt

In Weidmueller Industrial WLAN devices in multiple versions an exploitable command injection vulnerability exi...

CVE-2021-33533HIGH8.8ten sam produkt

In Weidmueller Industrial WLAN devices in multiple versions an exploitable command injection vulnerability exi...

CVE-2021-33528HIGH8.8ten sam produkt

In Weidmueller Industrial WLAN devices in multiple versions an exploitable privilege escalation vulnerability ...