In Weidmueller Industrial WLAN devices in multiple versions an exploitable command injection vulnerability exists in encrypted diagnostic script functionality of the devices. A specially crafted diagnostic script file can cause arbitrary busybox commands to be executed, resulting in remote control over the device. An attacker can send diagnostic while authenticated as a low privilege user to trigger this vulnerability.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HWeidmueller Ie Wl Bl Ap Cl Eu
HWWeidmuellerwszystkie wersjeWeidmueller Ie Wl Bl Ap Cl Eu Firmware
OSWeidmueller≤ 1.11.10≤ 1.16.18Weidmueller Ie Wl Bl Ap Cl Us
HWWeidmuellerwszystkie wersjeWeidmueller Ie Wl Bl Ap Cl Us Firmware
OSWeidmueller≤ 1.11.10≤ 1.16.18Weidmueller Ie Wlt Bl Ap Cl Eu
HWWeidmuellerwszystkie wersjeWeidmueller Ie Wlt Bl Ap Cl Eu Firmware
OSWeidmueller≤ 1.16.18≤ 1.11.10Weidmueller Ie Wlt Bl Ap Cl Us
HWWeidmuellerwszystkie wersjeWeidmueller Ie Wlt Bl Ap Cl Us Firmware
OSWeidmueller≤ 1.11.10≤ 1.16.18Weidmueller Ie Wlt Vl Ap Br Cl Eu
HWWeidmuellerwszystkie wersjeWeidmueller Ie Wlt Vl Ap Br Cl Eu Firmware
OSWeidmueller≤ 1.11.10≤ 1.16.18Weidmueller Ie Wlt Vl Ap Br Cl Us
HWWeidmuellerwszystkie wersjeWeidmueller Ie Wlt Vl Ap Br Cl Us Firmware
OSWeidmueller≤ 1.11.10≤ 1.16.18Weidmueller Ie Wl Vl Ap Br Cl Eu
HWWeidmuellerwszystkie wersjeWeidmueller Ie Wl Vl Ap Br Cl Eu Firmware
OSWeidmueller≤ 1.11.10≤ 1.16.18Weidmueller Ie Wl Vl Ap Br Cl Us
HWWeidmuellerwszystkie wersjeWeidmueller Ie Wl Vl Ap Br Cl Us Firmware
OSWeidmueller≤ 1.16.18≤ 1.11.10
Related vulnerabilities
In Weidmueller Industrial WLAN devices in multiple versions the usage of hard-coded cryptographic keys within ...
In Weidmueller Industrial WLAN devices in multiple versions an exploitable use of hard-coded credentials vulne...
In Weidmueller Industrial WLAN devices in multiple versions an exploitable command injection vulnerability exi...
In Weidmueller Industrial WLAN devices in multiple versions an exploitable command injection vulnerability exi...
In Weidmueller Industrial WLAN devices in multiple versions an exploitable privilege escalation vulnerability ...