Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
WEIDMUELLER: WLAN devices affected by OS Command Injection vulnerability
Vulnerability Description
In Weidmueller Industrial WLAN devices in multiple versions an exploitable command injection vulnerability exists in encrypted diagnostic script functionality of the devices. A specially crafted diagnostic script file can cause arbitrary busybox commands to be executed, resulting in remote control over the device. An attacker can send diagnostic while authenticated as a low privilege user to trigger this vulnerability.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
OS命令中使用的特殊元素转义处理不恰当(OS命令注入)
Vulnerability Title
Weidmueller Industrial WLAN 操作系统命令注入漏洞
Vulnerability Description
Weidmueller Industrial WLAN devices是德国Weidmueller公司的一个工控WIAN。 Weidmueller Industrial WLAN 存在安全漏洞,该漏洞源于特制的诊断脚本文件可能会导致执行任意的busybox命令,从而导致对设备的远程控制。
CVSS Information
N/A
Vulnerability Type
N/A