Vulnerabilities > Weidmueller > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-12-14 | CVE-2022-3073 | Cross-site Scripting vulnerability in Weidmueller products Quanos "SCHEMA ST4" example web templates in version Bootstrap 2019 v2/2021 v1/2022 v1/2022 SP1 v1 or below are prone to JavaScript injection allowing a remote attacker to hijack existing sessions to e.g. | 6.1 |
| 2021-06-25 | CVE-2021-33529 | Use of Hard-coded Credentials vulnerability in Weidmueller products In Weidmueller Industrial WLAN devices in multiple versions the usage of hard-coded cryptographic keys within the service agent binary allows for the decryption of captured traffic across the network from or to the device. | 5.0 |
| 2021-06-25 | CVE-2021-33535 | Use of Externally-Controlled Format String vulnerability in Weidmueller products In Weidmueller Industrial WLAN devices in multiple versions an exploitable format string vulnerability exists in the iw_console conio_writestr functionality. | 6.5 |
| 2021-06-25 | CVE-2021-33536 | Integer Underflow (Wrap or Wraparound) vulnerability in Weidmueller products In Weidmueller Industrial WLAN devices in multiple versions an exploitable denial-of-service vulnerability exists in ServiceAgent functionality. | 5.0 |
| 2021-06-25 | CVE-2021-33537 | Classic Buffer Overflow vulnerability in Weidmueller products In Weidmueller Industrial WLAN devices in multiple versions an exploitable remote code execution vulnerability exists in the iw_webs configuration parsing functionality. | 6.5 |
| 2021-06-25 | CVE-2021-33539 | Improper Authentication vulnerability in Weidmueller products In Weidmueller Industrial WLAN devices in multiple versions an exploitable authentication bypass vulnerability exists in the hostname processing. | 6.5 |
| 2021-01-22 | CVE-2020-12525 | Deserialization of Untrusted Data vulnerability in multiple products M&M Software fdtCONTAINER Component in versions below 3.5.20304.x and between 3.6 and 3.6.20304.x is vulnerable to deserialization of untrusted data in its project storage. | 6.8 |
| 2019-12-06 | CVE-2019-16674 | Cleartext Transmission of Sensitive Information vulnerability in Weidmueller products An issue was discovered on Weidmueller IE-SW-VL05M 3.6.6 Build 16102415, IE-SW-VL08MT 3.5.2 Build 16102415, and IE-SW-PL10M 3.3.16 Build 16102416 devices. | 5.0 |
| 2019-12-06 | CVE-2019-16673 | Insufficiently Protected Credentials vulnerability in Weidmueller products An issue was discovered on Weidmueller IE-SW-VL05M 3.6.6 Build 16102415, IE-SW-VL08MT 3.5.2 Build 16102415, and IE-SW-PL10M 3.3.16 Build 16102416 devices. | 4.0 |
| 2019-12-06 | CVE-2019-16672 | Insufficiently Protected Credentials vulnerability in Weidmueller products An issue was discovered on Weidmueller IE-SW-VL05M 3.6.6 Build 16102415, IE-SW-VL08MT 3.5.2 Build 16102415, and IE-SW-PL10M 3.3.16 Build 16102416 devices. | 5.0 |