CVE-2025-41684
Weidmueller: Root Command Injection via Unsanitized Input in tls_iotgen_setting Endpoint
An authenticated remote attacker can execute arbitrary commands with root privileges on affected devices due to lack of improper sanitizing of user input in the Main Web Interface (endpoint tls_iotgen_setting).
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected products
Weidmueller · IE-SR-2TX-WLWeidmueller · IE-SR-2TX-WL-4G-EUWeidmueller · IE-SR-2TX-WL-4G-US-VWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →