Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
9
CVSSv2

CVE-2021-33532

Published: 25/06/2021 Updated: 27/07/2021
CVSS v2 Base Score: 9 | Impact Score: 10 | Exploitability Score: 8
CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8
VMScore: 801
Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C
Subscribe to Ie-wl-bl-ap-cl-eu Firmware

Vulnerability Summary

In Weidmueller Industrial WLAN devices in multiple versions an exploitable command injection vulnerability exists in the iw_webs functionality. A specially crafted diagnostic script file name can cause user input to be reflected in a subsequent iw_system call, resulting in remote control over the device. An attacker can send commands while authenticated as a low privilege user to trigger this vulnerability.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

weidmueller ie-wl-bl-ap-cl-eu_firmware

weidmueller ie-wlt-bl-ap-cl-eu_firmware

weidmueller ie-wl-bl-ap-cl-us_firmware

weidmueller ie-wlt-bl-ap-cl-us_firmware

weidmueller ie-wl-vl-ap-br-cl-eu_firmware

weidmueller ie-wlt-vl-ap-br-cl-eu_firmware

weidmueller ie-wl-vl-ap-br-cl-us_firmware

weidmueller ie-wlt-vl-ap-br-cl-us_firmware

References

CWE-78https://cert.vde.com/en-us/advisories/vde-2021-026https://nvd.nist.gov
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322cross-site request forgeryunauthorizedCVE-2024-33925reflected XSSCVE-2023-51580CVE-2023-51579CVE-2015-2051CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook