• 1 (current)
  • 2

Weidmueller: Authentication Vulnerability in PROCON-WIN 5

Weidmüller product PROCON-WIN is affected by hard-coded credentials.

Weidmüller has released a new version of the affected product to fix the vulnerability.


CVE-2025-1393: 9.8

Weidmueller: OpenSSL vulnerability in industrial ethernet switches

Multiple Weidmüller products are affected by an OpenSSL vulnerability.

Weidmüller has released new firmwares of the affected products to fix the vulnerability.


CVE-2016-2183: 7.5

Weidmüller: WIBU Vulnerability in multiple Products

Multiple Weidmueller products are affected by recent WIBU vulnerability.


CVE-2023-3935: 9.8

Weidmueller: Multiple IoT and control products affected by JavaScript injection vulnerability

A JavaScript injection vulnerability has been discovered in the XML editing system SCHEMA ST4 online
help by Quanos Solutions GmbH. For details refer to CVE.
This vulnerability may allow an attacker to inject JavaScript code via URL to the affected products


CVE-2022-3073: 6.1

Weidmueller: EtherNet/IP Fieldbus Coupler out-of-bounds write

A critical vulnerability has been discovered in the utilized component EtherNet/IP Adapter Development Kit (EADK) by Pyramid Solutions, Inc.. For details refer to CVE(s).
This vulnerability may allow an attacker to send a specially crafted packet that may result in a denial-of-service condition of the affected products.

The indicated firmware versions are only used on products of hardware version 01.xx.xx.


CVE-2022-1737: 7.5

WEIDMUELLER: Multiple vulnerabilities in Modbus TCP/RTU Gateways

Multiple issues have been found in the affected products. See CVE descriptions for details.


CVE-2019-9096: 9.8
CVE-2019-9095: 9.8
CVE-2019-9099: 9.8
CVE-2019-9102: 8.8
CVE-2019-9101: 7.5
CVE-2019-9098: 7.5
CVE-2019-9104: 7.5
CVE-2019-9103: 5.3
CVE-2019-9097: 5.3

Weidmueller: Remote I/O fieldbus couplers (IP20) affected by INFRA:HALT vulnerabilities

The Weidmueller Remote I/O (IP20) fieldbus couplers (u-remote) are affected by several vulnerabilities of the third-party TCP/IP Niche stack. An attacker may use crafted IP packets to cause a denial of service or breach of integrity of the affected products. Weidmueller recommends restricting network access from the internet and also locally to reduce the attack vector to a manageable minimum.


CVE-2021-31401: 7.5
CVE-2020-35684: 7.5
CVE-2020-35683: 7.5

Weidmueller: Multiple vulnerabilities in Industrial WLAN devices (Update A)

Multiple issues in Weidmueller Industrial WLAN devices have been found.

Initial publication date: 2021-06-23
Update A publication date: 2021-07-02

Update A

CVE-2021-33534

CVSS: 7.2 (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H)
Description: An exploitable command injection vulnerability exists in the hostname functionality of Weidmueller Industrial WLAN devices. A specially crafted entry to network configuration information can cause execution of arbitrary system commands, resulting in full control of the device. An attacker can send various requests while authenticated as a high privilege user to trigger this vulnerability.



CVE-2021-33531: 8.8
CVE-2021-33532: 8.8
CVE-2021-33537: 8.8
CVE-2021-33538: 8.8
CVE-2021-33533: 8.8
CVE-2021-33528: 8.8
CVE-2021-33535: 8.8
CVE-2021-33530: 8.8
CVE-2021-33529: 7.5
CVE-2021-33536: 7.5
CVE-2021-33539: 7.2
CVE-2021-33534: 7.2
  • 1 (current)
  • 2

Feeds

By Vendor

Archive

2025
2024
2023
2022
2021
2020
2019
2018
2017

Legend

(Scoring for CVSS 2.0,3.0+3.1)
None
No CVE available
Low
0.1 <= 3.9
Medium
4.0 <= 6.9
High
7.0 <= 8.9
Critical
9.0 <= 10.0