Show filters
12 Total Results
Displaying 11-12 of 12
Sort by:
Attacker Value
Unknown

CVE-2021-33534

Disclosure Date: June 23, 2021 (last updated February 22, 2025)
In Weidmueller Industrial WLAN devices in multiple versions an exploitable command injection vulnerability exists in the hostname functionality. A specially crafted entry to network configuration information can cause execution of arbitrary system commands, resulting in full control of the device. An attacker can send various requests while authenticated as a high privilege user to trigger this vulnerability.
Attacker Value
Unknown

CVE-2021-33531

Disclosure Date: June 23, 2021 (last updated February 22, 2025)
In Weidmueller Industrial WLAN devices in multiple versions an exploitable use of hard-coded credentials vulnerability exists in multiple iw_* utilities. The device operating system contains an undocumented encryption password, allowing for the creation of custom diagnostic scripts. An attacker can send diagnostic scripts while authenticated as a low privilege user to trigger this vulnerability.