Vulnerabilities > Weidmueller

DATE CVE VULNERABILITY TITLE RISK
2021-06-25 CVE-2021-33528 Improper Adherence to Coding Standards vulnerability in Weidmueller products
In Weidmueller Industrial WLAN devices in multiple versions an exploitable privilege escalation vulnerability exists in the iw_console functionality.
network
low complexity
weidmueller CWE-710
critical
9.0
2021-06-25 CVE-2021-33529 Use of Hard-coded Credentials vulnerability in Weidmueller products
In Weidmueller Industrial WLAN devices in multiple versions the usage of hard-coded cryptographic keys within the service agent binary allows for the decryption of captured traffic across the network from or to the device.
network
low complexity
weidmueller CWE-798
5.0
2021-06-25 CVE-2021-33530 OS Command Injection vulnerability in Weidmueller products
In Weidmueller Industrial WLAN devices in multiple versions an exploitable command injection vulnerability exists in encrypted diagnostic script functionality of the devices.
network
low complexity
weidmueller CWE-78
critical
9.0
2021-06-25 CVE-2021-33531 Use of Hard-coded Credentials vulnerability in Weidmueller products
In Weidmueller Industrial WLAN devices in multiple versions an exploitable use of hard-coded credentials vulnerability exists in multiple iw_* utilities.
network
low complexity
weidmueller CWE-798
critical
9.0
2021-06-25 CVE-2021-33532 OS Command Injection vulnerability in Weidmueller products
In Weidmueller Industrial WLAN devices in multiple versions an exploitable command injection vulnerability exists in the iw_webs functionality.
network
low complexity
weidmueller CWE-78
critical
9.0
2021-06-25 CVE-2021-33533 OS Command Injection vulnerability in Weidmueller products
In Weidmueller Industrial WLAN devices in multiple versions an exploitable command injection vulnerability exists in the iw_webs functionality.
network
low complexity
weidmueller CWE-78
critical
9.0
2021-06-25 CVE-2021-33534 OS Command Injection vulnerability in Weidmueller products
In Weidmueller Industrial WLAN devices in multiple versions an exploitable command injection vulnerability exists in the hostname functionality.
network
low complexity
weidmueller CWE-78
critical
9.0
2021-06-25 CVE-2021-33535 Use of Externally-Controlled Format String vulnerability in Weidmueller products
In Weidmueller Industrial WLAN devices in multiple versions an exploitable format string vulnerability exists in the iw_console conio_writestr functionality.
network
low complexity
weidmueller CWE-134
6.5
2021-06-25 CVE-2021-33536 Integer Underflow (Wrap or Wraparound) vulnerability in Weidmueller products
In Weidmueller Industrial WLAN devices in multiple versions an exploitable denial-of-service vulnerability exists in ServiceAgent functionality.
network
low complexity
weidmueller CWE-191
5.0
2021-06-25 CVE-2021-33537 Classic Buffer Overflow vulnerability in Weidmueller products
In Weidmueller Industrial WLAN devices in multiple versions an exploitable remote code execution vulnerability exists in the iw_webs configuration parsing functionality.
network
low complexity
weidmueller CWE-120
6.5