Siemens SCALANCE product command injection vulnerability

SCALANCE M-800, MUM-800 and S615 and RUGGEDCOM RM1224 industrial routers are used for secure remote access to plants over mobile networks (e.g. GPRS or UMTS) with integrated security features of firewalls to prevent unauthorized access, and VPNs to protect data transmission.SCALANCE SC-600 devices (SC622-2C, SC632-2C, SC636-2C, SC642-2C, SC646-2C) are used to protect trusted industrial networks from untrusted network attacks. They allow filtering of incoming and outgoing network connections in different ways.SCALANCE W-1700 products are wireless communication devices based on the IEEE 802.11ac standard.SCALANCE W-700 products are wireless communication devices based on the IEEE 802.11ax standard.SCALANCE X switches are used to connect industrial components such as A command injection vulnerability exists in Siemens SCALANCE products due to a failure of the affected device to properly filter input fields. A remote attacker could use this vulnerability to inject code or generate a system root shell.