Vulnerabilities > Weidmueller > IE WLT VL AP BR CL US Firmware > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-06-25 | CVE-2021-33528 | Improper Adherence to Coding Standards vulnerability in Weidmueller products In Weidmueller Industrial WLAN devices in multiple versions an exploitable privilege escalation vulnerability exists in the iw_console functionality. | 8.8 |
| 2021-06-25 | CVE-2021-33529 | Use of Hard-coded Credentials vulnerability in Weidmueller products In Weidmueller Industrial WLAN devices in multiple versions the usage of hard-coded cryptographic keys within the service agent binary allows for the decryption of captured traffic across the network from or to the device. | 7.5 |
| 2021-06-25 | CVE-2021-33530 | OS Command Injection vulnerability in Weidmueller products In Weidmueller Industrial WLAN devices in multiple versions an exploitable command injection vulnerability exists in encrypted diagnostic script functionality of the devices. | 8.8 |
| 2021-06-25 | CVE-2021-33531 | Use of Hard-coded Credentials vulnerability in Weidmueller products In Weidmueller Industrial WLAN devices in multiple versions an exploitable use of hard-coded credentials vulnerability exists in multiple iw_* utilities. | 8.8 |
| 2021-06-25 | CVE-2021-33532 | OS Command Injection vulnerability in Weidmueller products In Weidmueller Industrial WLAN devices in multiple versions an exploitable command injection vulnerability exists in the iw_webs functionality. | 8.8 |
| 2021-06-25 | CVE-2021-33533 | OS Command Injection vulnerability in Weidmueller products In Weidmueller Industrial WLAN devices in multiple versions an exploitable command injection vulnerability exists in the iw_webs functionality. | 8.8 |
| 2021-06-25 | CVE-2021-33534 | OS Command Injection vulnerability in Weidmueller products In Weidmueller Industrial WLAN devices in multiple versions an exploitable command injection vulnerability exists in the hostname functionality. | 7.2 |
| 2021-06-25 | CVE-2021-33535 | Use of Externally-Controlled Format String vulnerability in Weidmueller products In Weidmueller Industrial WLAN devices in multiple versions an exploitable format string vulnerability exists in the iw_console conio_writestr functionality. | 8.8 |
| 2021-06-25 | CVE-2021-33536 | Integer Underflow (Wrap or Wraparound) vulnerability in Weidmueller products In Weidmueller Industrial WLAN devices in multiple versions an exploitable denial-of-service vulnerability exists in ServiceAgent functionality. | 7.5 |
| 2021-06-25 | CVE-2021-33537 | Classic Buffer Overflow vulnerability in Weidmueller products In Weidmueller Industrial WLAN devices in multiple versions an exploitable remote code execution vulnerability exists in the iw_webs configuration parsing functionality. | 8.8 |