Lucene search
+L

4 matches found

RedhatCVE
RedhatCVE
added 2025/06/13 9:21 a.m.6 views

CVE-2025-41663

For u-link Management API an unauthenticated remote attacker in a man-in-the-middle position can inject arbitrary commands in responses returned by WWH servers, which are then executed with elevated privileges. To get into such a position, clients would need to use insecure proxy configurations...

9.8CVSS6.9AI score0.00549EPSS
Exploits0References1
CVE
CVE
added 2025/06/11 8:15 a.m.57 views

CVE-2025-41663

The CVE-2025-41663 entry pertains to the Weidmueller IE-SR-2TX-WL industrial security router. Affected component is the u-link Management API, where an unauthenticated, man‑in‑the‑middle attacker can inject arbitrary commands in responses returned by WWH servers, leading to arbitrary command exec...

9.8CVSS6.8AI score0.00549EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/06/11 8:15 a.m.3 views

CVE-2025-41663 Weidmueller: Security routers IE-SR-2TX are affected by Command Injection

For u-link Management API an unauthenticated remote attacker in a man-in-the-middle position can inject arbitrary commands in responses returned by WWH servers, which are then executed with elevated privileges. To get into such a position, clients would need to use insecure proxy configurations...

9.8CVSS6.8AI score0.00549EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/06/11 8:15 a.m.14 views

CVE-2025-41663 Weidmueller: Security routers IE-SR-2TX are affected by Command Injection

For u-link Management API an unauthenticated remote attacker in a man-in-the-middle position can inject arbitrary commands in responses returned by WWH servers, which are then executed with elevated privileges. To get into such a position, clients would need to use insecure proxy configurations...

9.8CVSS0.00549EPSS
Exploits0References1
Rows per page
Query Builder