
Wiesemann & Theis multiple products prone to web interface vulnerability

Advisory ID: VDE-2022-057
Last update: 14.05.2025 15:00
Published at: 13.12.2022 08:00
Vendor(s): Wiesemann & Theis GmbH
External ID: VDE-2022-057
CSAF Document

Summary

Multiple Wiesemann & Theis product families are affected by a vulnerability in the web interface. The device allows an unauthenticated attacker to obtain the session ID of a logged-in user. The attacker may then spoof the logged-in user's IP address to act as that user.

Impact

The attacker can set all settings and take over the device completely.

Affected Product(s)

Model no. | Product name | Affected versions
58665 | Com-Server ++ | <1.55
58664 | Com-Server 20mA | <1.55
58651 | Com-Server Highspeed 100BaseFX | <1.78
58652 | Com-Server Highspeed 100BaseLX | <1.78
58331 | Com-Server Highspeed 19" 1Port | <1.78
58334 | Com-Server Highspeed 19" 4Port | <1.78
58231 | Com-Server Highspeed Compact | <1.78
58631 | Com-Server Highspeed Industry | <1.78
58633 | Com-Server Highspeed Isolated | <1.78
58431 | Com-Server Highspeed OEM | <1.78
58031 | Com-Server Highspeed Office 1 Port | <1.78
58034 | Com-Server Highspeed Office 4 Port | <1.78
58641 | Com-Server Highspeed PoE | <1.78
58661 | Com-Server LC | <1.55
58662 | Com-Server PoE 3 x Isolated | <1.55
58669 | Com-Server UL | <1.55

Vulnerabilities


Published: 22.09.2025 14:58
Weakness: Authentication Bypass by Spoofing (CWE-290)
Summary

Multiple Wiesemann & Theis products of the Com-Server series are prone to an authentication bypass through IP spoofing. While a user holds an authenticated session to the web-based management (WBM) of the Com-Server, an unauthenticated attacker in the same subnet can obtain the session ID and change arbitrary settings by crafting modified HTTP GET requests. This may result in a complete takeover of the device.
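
The weakness above (CWE-290) is that the session is effectively bound to a client IP address, and a second host on the same subnet can present that IP. From the device's own point of view the spoofed requests are indistinguishable from the real user's, so detection has to happen where layer-2 information is still visible, for example on a mirrored switch port or a sensor on the management VLAN. The following is an added illustration, not code from CERT@VDE or Wiesemann & Theis: it reads constructed sensor records of the form `timestamp src_mac src_ip session_id path` (a hypothetical format) and flags any session ID that is presented from one IP address by more than one MAC address, which is the layer-2 signature of an IP-spoofed session reuse.

```python
"""Flag web sessions whose ID is presented from one IP by more than one MAC.

Added example for the CWE-290 weakness described in VDE-2022-057. The record
format, sample values and field names are constructed for this illustration;
they are not the Com-Server's log format.
"""
from collections import defaultdict
from dataclasses import dataclass
from typing import Dict, Iterable, List, Set, Tuple


@dataclass(frozen=True)
class Request:
    ts: str
    src_mac: str
    src_ip: str
    session_id: str
    path: str


# Constructed sample records (not captured traffic): session "7f3a9c" belongs
# to the admin host aa:bb:cc:00:00:01 at 192.168.1.10 and is later presented
# from the same IP by a second MAC; session "c04e21" stays on one host.
SAMPLE_LOG = """\
2022-12-13T08:00:01 aa:bb:cc:00:00:01 192.168.1.10 7f3a9c /index.htm
2022-12-13T08:00:05 aa:bb:cc:00:00:01 192.168.1.10 7f3a9c /config.htm
2022-12-13T08:00:09 aa:bb:cc:00:00:99 192.168.1.10 7f3a9c /config.htm
2022-12-13T08:00:12 aa:bb:cc:00:00:02 192.168.1.20 c04e21 /index.htm
2022-12-13T08:00:15 aa:bb:cc:00:00:02 192.168.1.20 c04e21 /status.htm
"""


def parse_log(text: str) -> List[Request]:
    """Parse the constructed whitespace-separated sensor format."""
    requests = []
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, mac, ip, sid, path = line.split()
        requests.append(Request(ts, mac.lower(), ip, sid, path))
    return requests


def find_spoofed_sessions(requests: Iterable[Request]) -> Dict[str, Dict[str, Set[str]]]:
    """Return {session_id: {src_ip: {macs}}} for every session whose ID was
    presented from a single IP address by more than one MAC address."""
    macs_by_sid_ip: Dict[str, Dict[str, Set[str]]] = defaultdict(lambda: defaultdict(set))
    for r in requests:
        macs_by_sid_ip[r.session_id][r.src_ip].add(r.src_mac)
    return {
        sid: dict(by_ip)
        for sid, by_ip in macs_by_sid_ip.items()
        if any(len(macs) > 1 for macs in by_ip.values())
    }


def suspicious_requests(requests: Iterable[Request]) -> List[Request]:
    """Return the requests in which a (session_id, src_ip) pair arrives from a
    MAC other than the one that first used it. The first-seen MAC is assumed
    to be the legitimate owner, which holds when the sensor saw the login."""
    owner: Dict[Tuple[str, str], str] = {}
    flagged: List[Request] = []
    for r in requests:
        key = (r.session_id, r.src_ip)
        first_mac = owner.setdefault(key, r.src_mac)
        if r.src_mac != first_mac:
            flagged.append(r)
    return flagged


if __name__ == "__main__":
    reqs = parse_log(SAMPLE_LOG)
    for sid, by_ip in find_spoofed_sessions(reqs).items():
        print(f"session {sid} presented from multiple MACs: {by_ip}")
    for r in suspicious_requests(reqs):
        print(f"{r.ts} {r.src_mac} reused session {r.session_id} as {r.src_ip} -> {r.path}")
```

Two caveats for anyone adapting this: the check needs MAC addresses, so it only works on a sensor in the same broadcast domain as the device, not on logs exported by the device itself; and the "first-seen MAC is the owner" rule is only sound if the sensor observed the session from its start. The check is a compensating control for monitoring; the fix is the firmware update given under Remediation.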

References

Remediation

Update Com-Server family to version 1.55.
Update Com-Server Highspeed family to version 1.78 or higher.

Revision History

Version | Date | Summary
1 | 13.12.2022 08:00 | Initial revision.
2 | 14.05.2025 15:00 | Fix: added distribution