
Weidmueller: Security routers IE-SR-2TX are affected by multiple vulnerabilities

VDE-2025-052
Last update
23.07.2025 12:00
Published at
11.06.2025 12:00
Vendor(s)
Weidmueller Interface GmbH & Co. KG
External ID
VDE-2025-052

Summary

Weidmueller security routers IE-SR-2TX are affected by multiple vulnerabilities (CVE-2025-41661, CVE-2025-41663, CVE-2025-41683, CVE-2025-41684, CVE-2025-41687).

Weidmueller has released new firmware versions of the affected products to fix the vulnerabilities.

Update Version 1.1.0: Added CVEs CVE-2025-41683, CVE-2025-41684 and CVE-2025-41687.
Updated CVSS Score for CVE-2025-41663.
Removed CVE-2025-41662.

Impact

Weidmueller security routers are affected by multiple vulnerabilities that may lead to execution of arbitrary commands with root privileges on affected devices.

Further information can be found under vulnerability details.

Affected Product(s)

Model no.     Product name            Affected versions
2682590000    IE-SR-2TX-WL            Firmware <V1.49
2682560000    IE-SR-2TX-WL-4G-EU      Firmware <V1.62
2682580000    IE-SR-2TX-WL-4G-US-V    Firmware <V1.62

Vulnerabilities


Published
22.09.2025 14:57
Weakness
Stack-based Buffer Overflow (CWE-121)
Summary

An unauthenticated remote attacker may use a stack-based buffer overflow in the u-link Management API to gain full access to the affected devices.


Published
22.09.2025 14:57
Weakness
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') (CWE-78)
Summary

In the u-link Management API, an unauthenticated remote attacker in a man-in-the-middle position can inject arbitrary commands into responses returned by WWH servers, which are then executed with elevated privileges. To get into such a position, clients would need to use insecure proxy configurations.


Published
22.09.2025 14:57
Weakness
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') (CWE-78)
Summary

An authenticated remote attacker can execute arbitrary commands with root privileges on affected devices due to a lack of proper sanitization of user input in the Main Web Interface (endpoint tls_iotgen_setting).


Published
22.09.2025 14:57
Weakness
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') (CWE-78)
Summary

An authenticated remote attacker can execute arbitrary commands with root privileges on affected devices due to a lack of proper sanitization of user input in the Main Web Interface (endpoint event_mail_test).


Published
22.09.2025 14:57
Weakness
Cross-Site Request Forgery (CSRF) (CWE-352)
Summary

An unauthenticated remote attacker can execute arbitrary commands with root privileges on affected devices due to lack of Cross-Site Request Forgery (CSRF) protection.


Remediation

Update to the new version as listed in the following table:

Product Affected Version Fixed Version
IE-SR-2TX-WL

Revision History

Version   Date                Summary
1.0.0     11.06.2025 12:00    Initial version
1.1.0     23.07.2025 12:00    Added CVEs CVE-2025-41683, CVE-2025-41684 and CVE-2025-41687. Updated CVSS Score for CVE-2025-41663. Removed CVE-2025-41662.