CVE-2021-33534
WEIDMUELLER: WLAN devices affected by OS Command Injection vulnerability
Severity Score
7.2
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
In Weidmueller Industrial WLAN devices in multiple versions an exploitable command injection vulnerability exists in the hostname functionality. A specially crafted entry to network configuration information can cause execution of arbitrary system commands, resulting in full control of the device. An attacker can send various requests while authenticated as a high privilege user to trigger this vulnerability.
En los dispositivos WLAN industriales de Weidmueller en múltiples versiones existe una vulnerabilidad de inyección de comandos explotable en la funcionalidad de nombre de host. Una entrada especialmente diseñada para la información de configuración de la red puede causar la ejecución de comandos arbitrarios del sistema, lo que resulta en el control total del dispositivo. Un atacante puede enviar varias peticiones mientras está autenticado como usuario con altos privilegios para activar esta vulnerabilidad
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2021-05-24 CVE Reserved
- 2021-06-25 CVE Published
- 2024-09-17 CVE Updated
- 2024-12-17 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CAPEC
References (1)
| URL | Tag | Source |
|---|---|---|
| https://cert.vde.com/en-us/advisories/vde-2021-026 | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Weidmueller Search vendor "Weidmueller" | Ie-wl-bl-ap-cl-eu Firmware Search vendor "Weidmueller" for product "Ie-wl-bl-ap-cl-eu Firmware" | <= 1.16.18 Search vendor "Weidmueller" for product "Ie-wl-bl-ap-cl-eu Firmware" and version " <= 1.16.18" | - |
Affected
| in | Weidmueller Search vendor "Weidmueller" | Ie-wl-bl-ap-cl-eu Search vendor "Weidmueller" for product "Ie-wl-bl-ap-cl-eu" | - | - |
Safe
|
| Weidmueller Search vendor "Weidmueller" | Ie-wlt-bl-ap-cl-eu Firmware Search vendor "Weidmueller" for product "Ie-wlt-bl-ap-cl-eu Firmware" | <= 1.16.18 Search vendor "Weidmueller" for product "Ie-wlt-bl-ap-cl-eu Firmware" and version " <= 1.16.18" | - |
Affected
| in | Weidmueller Search vendor "Weidmueller" | Ie-wlt-bl-ap-cl-eu Search vendor "Weidmueller" for product "Ie-wlt-bl-ap-cl-eu" | - | - |
Safe
|
| Weidmueller Search vendor "Weidmueller" | Ie-wl-bl-ap-cl-us Firmware Search vendor "Weidmueller" for product "Ie-wl-bl-ap-cl-us Firmware" | <= 1.16.18 Search vendor "Weidmueller" for product "Ie-wl-bl-ap-cl-us Firmware" and version " <= 1.16.18" | - |
Affected
| in | Weidmueller Search vendor "Weidmueller" | Ie-wl-bl-ap-cl-us Search vendor "Weidmueller" for product "Ie-wl-bl-ap-cl-us" | - | - |
Safe
|
| Weidmueller Search vendor "Weidmueller" | Ie-wlt-bl-ap-cl-us Firmware Search vendor "Weidmueller" for product "Ie-wlt-bl-ap-cl-us Firmware" | <= 1.16.18 Search vendor "Weidmueller" for product "Ie-wlt-bl-ap-cl-us Firmware" and version " <= 1.16.18" | - |
Affected
| in | Weidmueller Search vendor "Weidmueller" | Ie-wlt-bl-ap-cl-us Search vendor "Weidmueller" for product "Ie-wlt-bl-ap-cl-us" | - | - |
Safe
|
| Weidmueller Search vendor "Weidmueller" | Ie-wl-vl-ap-br-cl-eu Firmware Search vendor "Weidmueller" for product "Ie-wl-vl-ap-br-cl-eu Firmware" | <= 1.16.18 Search vendor "Weidmueller" for product "Ie-wl-vl-ap-br-cl-eu Firmware" and version " <= 1.16.18" | - |
Affected
| in | Weidmueller Search vendor "Weidmueller" | Ie-wl-vl-ap-br-cl-eu Search vendor "Weidmueller" for product "Ie-wl-vl-ap-br-cl-eu" | - | - |
Safe
|
| Weidmueller Search vendor "Weidmueller" | Ie-wlt-vl-ap-br-cl-eu Firmware Search vendor "Weidmueller" for product "Ie-wlt-vl-ap-br-cl-eu Firmware" | <= 1.16.18 Search vendor "Weidmueller" for product "Ie-wlt-vl-ap-br-cl-eu Firmware" and version " <= 1.16.18" | - |
Affected
| in | Weidmueller Search vendor "Weidmueller" | Ie-wlt-vl-ap-br-cl-eu Search vendor "Weidmueller" for product "Ie-wlt-vl-ap-br-cl-eu" | - | - |
Safe
|
| Weidmueller Search vendor "Weidmueller" | Ie-wl-vl-ap-br-cl-us Firmware Search vendor "Weidmueller" for product "Ie-wl-vl-ap-br-cl-us Firmware" | <= 1.16.18 Search vendor "Weidmueller" for product "Ie-wl-vl-ap-br-cl-us Firmware" and version " <= 1.16.18" | - |
Affected
| in | Weidmueller Search vendor "Weidmueller" | Ie-wl-vl-ap-br-cl-us Search vendor "Weidmueller" for product "Ie-wl-vl-ap-br-cl-us" | - | - |
Safe
|
| Weidmueller Search vendor "Weidmueller" | Ie-wlt-vl-ap-br-cl-us Firmware Search vendor "Weidmueller" for product "Ie-wlt-vl-ap-br-cl-us Firmware" | <= 1.16.18 Search vendor "Weidmueller" for product "Ie-wlt-vl-ap-br-cl-us Firmware" and version " <= 1.16.18" | - |
Affected
| in | Weidmueller Search vendor "Weidmueller" | Ie-wlt-vl-ap-br-cl-us Search vendor "Weidmueller" for product "Ie-wlt-vl-ap-br-cl-us" | - | - |
Safe
|
| Weidmueller Search vendor "Weidmueller" | Ie-wl-bl-ap-cl-eu Firmware Search vendor "Weidmueller" for product "Ie-wl-bl-ap-cl-eu Firmware" | <= 1.11.10 Search vendor "Weidmueller" for product "Ie-wl-bl-ap-cl-eu Firmware" and version " <= 1.11.10" | - |
Affected
| in | Weidmueller Search vendor "Weidmueller" | Ie-wl-bl-ap-cl-eu Search vendor "Weidmueller" for product "Ie-wl-bl-ap-cl-eu" | - | - |
Safe
|
| Weidmueller Search vendor "Weidmueller" | Ie-wlt-bl-ap-cl-eu Firmware Search vendor "Weidmueller" for product "Ie-wlt-bl-ap-cl-eu Firmware" | <= 1.11.10 Search vendor "Weidmueller" for product "Ie-wlt-bl-ap-cl-eu Firmware" and version " <= 1.11.10" | - |
Affected
| in | Weidmueller Search vendor "Weidmueller" | Ie-wlt-bl-ap-cl-eu Search vendor "Weidmueller" for product "Ie-wlt-bl-ap-cl-eu" | - | - |
Safe
|
| Weidmueller Search vendor "Weidmueller" | Ie-wl-bl-ap-cl-us Firmware Search vendor "Weidmueller" for product "Ie-wl-bl-ap-cl-us Firmware" | <= 1.11.10 Search vendor "Weidmueller" for product "Ie-wl-bl-ap-cl-us Firmware" and version " <= 1.11.10" | - |
Affected
| in | Weidmueller Search vendor "Weidmueller" | Ie-wl-bl-ap-cl-us Search vendor "Weidmueller" for product "Ie-wl-bl-ap-cl-us" | - | - |
Safe
|
| Weidmueller Search vendor "Weidmueller" | Ie-wlt-bl-ap-cl-us Firmware Search vendor "Weidmueller" for product "Ie-wlt-bl-ap-cl-us Firmware" | <= 1.11.10 Search vendor "Weidmueller" for product "Ie-wlt-bl-ap-cl-us Firmware" and version " <= 1.11.10" | - |
Affected
| in | Weidmueller Search vendor "Weidmueller" | Ie-wlt-bl-ap-cl-us Search vendor "Weidmueller" for product "Ie-wlt-bl-ap-cl-us" | - | - |
Safe
|
| Weidmueller Search vendor "Weidmueller" | Ie-wl-vl-ap-br-cl-eu Firmware Search vendor "Weidmueller" for product "Ie-wl-vl-ap-br-cl-eu Firmware" | <= 1.11.10 Search vendor "Weidmueller" for product "Ie-wl-vl-ap-br-cl-eu Firmware" and version " <= 1.11.10" | - |
Affected
| in | Weidmueller Search vendor "Weidmueller" | Ie-wl-vl-ap-br-cl-eu Search vendor "Weidmueller" for product "Ie-wl-vl-ap-br-cl-eu" | - | - |
Safe
|
| Weidmueller Search vendor "Weidmueller" | Ie-wlt-vl-ap-br-cl-eu Firmware Search vendor "Weidmueller" for product "Ie-wlt-vl-ap-br-cl-eu Firmware" | <= 1.11.10 Search vendor "Weidmueller" for product "Ie-wlt-vl-ap-br-cl-eu Firmware" and version " <= 1.11.10" | - |
Affected
| in | Weidmueller Search vendor "Weidmueller" | Ie-wlt-vl-ap-br-cl-eu Search vendor "Weidmueller" for product "Ie-wlt-vl-ap-br-cl-eu" | - | - |
Safe
|
| Weidmueller Search vendor "Weidmueller" | Ie-wl-vl-ap-br-cl-us Firmware Search vendor "Weidmueller" for product "Ie-wl-vl-ap-br-cl-us Firmware" | <= 1.11.10 Search vendor "Weidmueller" for product "Ie-wl-vl-ap-br-cl-us Firmware" and version " <= 1.11.10" | - |
Affected
| in | Weidmueller Search vendor "Weidmueller" | Ie-wl-vl-ap-br-cl-us Search vendor "Weidmueller" for product "Ie-wl-vl-ap-br-cl-us" | - | - |
Safe
|
| Weidmueller Search vendor "Weidmueller" | Ie-wlt-vl-ap-br-cl-us Firmware Search vendor "Weidmueller" for product "Ie-wlt-vl-ap-br-cl-us Firmware" | <= 1.11.10 Search vendor "Weidmueller" for product "Ie-wlt-vl-ap-br-cl-us Firmware" and version " <= 1.11.10" | - |
Affected
| in | Weidmueller Search vendor "Weidmueller" | Ie-wlt-vl-ap-br-cl-us Search vendor "Weidmueller" for product "Ie-wlt-vl-ap-br-cl-us" | - | - |
Safe
|