5 matches found
CVE-2025-41684
An authenticated remote attacker can execute arbitrary commands with root privileges on affected devices due to lack of improper sanitizing of user input in the Main Web Interface endpoint tlsiotgensetting...
CVE-2025-41684
creationtimestamp| type| source ---|---|--- 2025-07-23 10:46:27+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lumtpur6ys2j...
CVE-2025-41684
An authenticated remote attacker can execute arbitrary commands with root privileges on affected devices due to lack of improper sanitizing of user input in the Main Web Interface endpoint tlsiotgensetting...
CVE-2025-41684 Weidmueller: Root Command Injection via Unsanitized Input in tls_iotgen_setting Endpoint
An authenticated remote attacker can execute arbitrary commands with root privileges on affected devices due to lack of improper sanitizing of user input in the Main Web Interface endpoint tlsiotgensetting...
CVE-2025-41684
An authenticated remote attacker can execute arbitrary commands with root privileges via the tls_iotgen_setting endpoint in the Main Web Interface of affected Apache IoT devices. Root cause is improper sanitizing of user input, enabling command injection. Impact is full control of the device at r...