Vulnerabilities > Weidmueller > Critical

DATE CVE VULNERABILITY TITLE RISK
2021-06-25 CVE-2021-33528 Improper Adherence to Coding Standards vulnerability in Weidmueller products
In Weidmueller Industrial WLAN devices in multiple versions an exploitable privilege escalation vulnerability exists in the iw_console functionality.
network
low complexity
weidmueller CWE-710
critical
 9.0
9.0
2021-06-25 CVE-2021-33530 OS Command Injection vulnerability in Weidmueller products
In Weidmueller Industrial WLAN devices in multiple versions an exploitable command injection vulnerability exists in encrypted diagnostic script functionality of the devices.
network
low complexity
weidmueller CWE-78
critical
 9.0
9.0
2021-06-25 CVE-2021-33531 Use of Hard-coded Credentials vulnerability in Weidmueller products
In Weidmueller Industrial WLAN devices in multiple versions an exploitable use of hard-coded credentials vulnerability exists in multiple iw_* utilities.
network
low complexity
weidmueller CWE-798
critical
 9.0
9.0
2021-06-25 CVE-2021-33532 OS Command Injection vulnerability in Weidmueller products
In Weidmueller Industrial WLAN devices in multiple versions an exploitable command injection vulnerability exists in the iw_webs functionality.
network
low complexity
weidmueller CWE-78
critical
 9.0
9.0
2021-06-25 CVE-2021-33533 OS Command Injection vulnerability in Weidmueller products
In Weidmueller Industrial WLAN devices in multiple versions an exploitable command injection vulnerability exists in the iw_webs functionality.
network
low complexity
weidmueller CWE-78
critical
 9.0
9.0
2021-06-25 CVE-2021-33534 OS Command Injection vulnerability in Weidmueller products
In Weidmueller Industrial WLAN devices in multiple versions an exploitable command injection vulnerability exists in the hostname functionality.
network
low complexity
weidmueller CWE-78
critical
 9.0
9.0
2021-05-13 CVE-2021-20999 Unspecified vulnerability in Weidmueller products
In Weidmüller u-controls and IoT-Gateways in versions up to 1.12.1 a network port intended only for device-internal usage is accidentally accessible via external network interfaces.
network
low complexity
weidmueller
critical
 9.8
9.8