In Weidmueller Industrial WLAN devices in multiple versions an exploitable command injection vulnerability exists in the hostname functionality. A specially crafted entry to network configuration information can cause execution of arbitrary system commands, resulting in full control of the device. An attacker can send various requests while authenticated as a high privilege user to trigger this vulnerability.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: CERTVDE

Published: 2021-06-25T18:25:59.235511Z

Updated: 2024-09-17T04:20:16.498Z

Reserved: 2021-05-24T00:00:00

Link: CVE-2021-33534

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2021-06-25T19:15:09.297

Modified: 2024-11-21T06:09:01.707

Link: CVE-2021-33534

cve-icon Redhat

No data.