Description
Nordex N149/4.0-4.5 Wind Turbine Web Server 4.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the login parameter in login.php. Attackers can submit crafted POST requests with SQL injection payloads in the login field to extract sensitive database information and bypass authentication mechanisms.
Published: 2026-05-17
Score: 8.8 High
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

Nordex N149 Wind Turbine Web Server versions 4.0 through 4.5 expose an unauthenticated SQL injection flaw in the login.php module. Malicious actors can submit crafted POST requests to the login field, allowing execution of arbitrary SQL statements against the server’s database. This can lead to extraction of sensitive information and bypass of authentication controls, compromising data confidentiality and integrity.

Affected Systems

Affected units are the Nordex N149 Wind Turbine Web Server running firmware versions 4.0 to 4.5, which include the vulnerable login.php code as shipped by Nordex Online.

Risk and Exploitability

The CVSS base score of 8.8 classifies the vulnerability as high severity. With no EPSS data available and the issue not listed in the CISA KEV catalog, the likelihood of widespread exploitation is uncertain. The most plausible attack vector is a web‑based, unauthenticated POST request to the device’s public login interface, which can be conducted from any network that can reach the turbine’s web UI. Exploitation would enable the adversary to read or modify database contents and potentially gain privileged access, but the description does not support claims of full system takeover.

Generated by OpenCVE AI on May 17, 2026 at 13:50 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade the turbine firmware to the latest release that removes the vulnerable login.php implementation.
  • Implement network-level restrictions such as IP whitelisting or VPN access to limit who can reach the web interface and reduce the attack surface.
  • Deploy a web application firewall or input‑validation mechanism to detect and block SQL injection payloads sent to the login endpoint.

Generated by OpenCVE AI on May 17, 2026 at 13:50 UTC.
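As an added example (it is not Nordex's code and not part of this OpenCVE record), the Python sketch below shows the two controls the recommendations above point at for a login handler: a parameterized query, so the value of the login field is bound as data and can never change the shape of the SQL statement, and an allow-list check on the login field that doubles as the detection rule for a WAF or a log scan. The user table, the account, the username policy and the log lines are constructed here; the real schema, field names and log format of login.php are unknown and are assumptions.

```python
import hashlib
import hmac
import os
import re
import sqlite3

# Allow-list for the login field. The turbine's real username policy is unknown,
# so this pattern is an assumption: 1-64 characters of letters, digits, '_',
# '.', '@' and '-'. Quotes, semicolons, comment markers and whitespace never
# pass, which strips out the metacharacters a CWE-89 payload depends on.
LOGIN_FIELD_RE = re.compile(r"^[A-Za-z0-9_.@-]{1,64}$")


def validate_login_field(login: str) -> bool:
    """Allow-list check; defence in depth, not a substitute for parameterization."""
    return bool(LOGIN_FIELD_RE.fullmatch(login))


def hash_password(password: str, salt: bytes) -> bytes:
    # PBKDF2-HMAC-SHA256; the iteration count is illustrative.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000)


def build_db() -> sqlite3.Connection:
    """Constructed in-memory stand-in for the web server's user table (assumption)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (login TEXT PRIMARY KEY, salt BLOB, pw_hash BLOB)")
    salt = os.urandom(16)
    conn.execute(
        "INSERT INTO users (login, salt, pw_hash) VALUES (?, ?, ?)",
        ("operator01", salt, hash_password("correct-horse", salt)),
    )
    conn.commit()
    return conn


def authenticate(conn: sqlite3.Connection, login: str, password: str) -> bool:
    """Hardened login check.

    The vulnerable pattern CWE-89 describes builds the statement from the
    request body ("... WHERE login = '" + login + "'"). Here the login value is
    bound as a parameter, so whatever the client sends is compared as data.
    A lookup miss and a wrong password both return False, and unusual
    characters in the input raise no SQL error.
    """
    row = conn.execute(
        "SELECT salt, pw_hash FROM users WHERE login = ?", (login,)
    ).fetchone()
    if row is None:
        # Hash anyway so a missing account costs as much time as a wrong password.
        hash_password(password, b"\x00" * 16)
        return False
    salt, stored = row
    return hmac.compare_digest(stored, hash_password(password, salt))


# Constructed request-log lines (assumption: a CLF-style access log to which the
# reverse proxy appends the POST body's login field).
SAMPLE_LOG = """\
10.0.0.5 - - [17/May/2026:12:00:01 +0000] "POST /login.php HTTP/1.1" 302 login=operator01
10.0.0.9 - - [17/May/2026:12:00:07 +0000] "POST /login.php HTTP/1.1" 200 login=op'er ator
10.0.0.5 - - [17/May/2026:12:00:09 +0000] "GET /status.php HTTP/1.1" 200 -
"""

LOG_RE = re.compile(r'^(?P<src>\S+) .*"POST /login\.php [^"]*" \d{3} login=(?P<login>.*)$')


def flag_suspicious_logins(log_text: str) -> list[tuple[str, str]]:
    """Return (source address, login value) for POSTs to login.php whose login
    field fails the allow-list; the same rule a WAF would apply inline."""
    flagged = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if m and not validate_login_field(m.group("login")):
            flagged.append((m.group("src"), m.group("login")))
    return flagged


if __name__ == "__main__":
    db = build_db()
    print("valid credentials:", authenticate(db, "operator01", "correct-horse"))
    print("quoted login value:", authenticate(db, "op'er ator", "anything"))
    print("flagged requests:", flag_suspicious_logins(SAMPLE_LOG))
```

The parameterized query is the actual fix for the weakness; the allow-list only narrows what reaches the database and gives the WAF or log review a concrete rule, which matters here because no vendor fix is listed yet.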

Advisories

No advisories yet.

History

Sun, 17 May 2026 18:00:00 +0000

Type: First Time appeared
  Values Removed: (empty)
  Values Added: Nordex-online; Nordex-online n149 Wind Turbine Web Server
Type: Vendors & Products
  Values Removed: (empty)
  Values Added: Nordex-online; Nordex-online n149 Wind Turbine Web Server

Sun, 17 May 2026 12:30:00 +0000

Type: Description
  Values Removed: (empty)
  Values Added: Nordex N149/4.0-4.5 Wind Turbine Web Server 4.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the login parameter in login.php. Attackers can submit crafted POST requests with SQL injection payloads in the login field to extract sensitive database information and bypass authentication mechanisms.
Type: Title
  Values Removed: (empty)
  Values Added: Nordex N149/4.0-4.5 Wind Turbine Web Server SQL Injection
Type: Weaknesses
  Values Removed: (empty)
  Values Added: CWE-89
Type: References
  Values Removed: (empty)
  Values Added: (empty)
Type: Metrics
  Values Removed: (empty)
  Values Added:
    cvssV3_1: {'score': 8.2, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N'}
    cvssV4_0: {'score': 8.8, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N'}


MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-05-17T12:11:37.720Z

Reserved: 2026-05-17T11:49:47.598Z

Link: CVE-2018-25333

Vulnrichment

No data.

NVD

Status : Received

Published: 2026-05-17T13:16:44.970

Modified: 2026-05-17T13:16:44.970

Link: CVE-2018-25333

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-17T16:59:57Z

Weaknesses