3 matches found
CVE-2021-33533
In Weidmueller Industrial WLAN devices in multiple versions an exploitable command injection vulnerability exists in the iwwebs functionality. A specially crafted iwserverip parameter can cause user input to be reflected in a subsequent iwsystem call, resulting in remote control over the device. ...
CVE-2021-33533 WEIDMUELLER: WLAN devices affected by OS Command Injection vulnerability
In Weidmueller Industrial WLAN devices in multiple versions an exploitable command injection vulnerability exists in the iwwebs functionality. A specially crafted iwserverip parameter can cause user input to be reflected in a subsequent iwsystem call, resulting in remote control over the device. ...
CVE-2021-33533
The CVE-2021-33533 entry affects Weidmueller Industrial WLAN devices. The vulnerability is an OS command injection in the iw_webs functionality: a crafted iw_serverip input is reflected in a subsequent iw_system call, allowing an authenticated, low-privilege user to execute commands and take remo...