Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
WEIDMUELLER: WLAN devices affected by improper access control vulnerability
Vulnerability Description
In Weidmueller Industrial WLAN devices in multiple versions an exploitable improper access control vulnerability exists in the iw_webs account settings functionality. A specially crafted user name entry can cause the overwrite of an existing user account password, resulting in remote shell access to the device as that user. An attacker can send commands while authenticated as a low privilege user to trigger this vulnerability.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
特权管理不恰当
Vulnerability Title
Weidmueller Industrial WLAN 安全漏洞
Vulnerability Description
Weidmueller Industrial WLAN devices是德国Weidmueller公司的一个工控WIAN。 Weidmueller Industrial WLAN 存在安全漏洞,该漏洞源于特制的用户名条目可能会导致现有用户帐户密码被覆盖,从而导致以该用户身份远程shell访问设备。
CVSS Information
N/A
Vulnerability Type
N/A