Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Weidmueller: Security routers IE-SR-2TX are affected by Command Injection
Vulnerability Description
For u-link Management API an unauthenticated remote attacker in a man-in-the-middle position can inject arbitrary commands in responses returned by WWH servers, which are then executed with elevated privileges. To get into such a position, clients would need to use insecure proxy configurations.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
OS命令中使用的特殊元素转义处理不恰当(OS命令注入)
Vulnerability Title
Weidmueller Interface IE-SR-2TX-WL 操作系统命令注入漏洞
Vulnerability Description
Weidmueller Interface IE-SR-2TX-WL是德国Weidmueller Interface公司的一款工业安全路由器。 Weidmueller Interface IE-SR-2TX-WL存在操作系统命令注入漏洞,该漏洞源于中间人攻击者可以注入任意命令,可能导致以提升的权限执行任意命令。
CVSS Information
N/A
Vulnerability Type
N/A