VDE-2025-067
Aug. 25, 2025, 12:00 PM
Motherbox 3 with firmware 1.44 to 1.48 allows an unauthenticated remote attacker read-only access to the internal DB with measurement values from other W&T sensor devices.
VDE-2025-024
May 13, 2025, 12:00 PM
Multiple W&T devices are shipped with a jQuery version with a known XSS vulnerability.
VDE-2025-032
May 6, 2025, 12:00 PM
Multiple W&T Products are prone to an XSS attack. An authenticated remote Attacker can execute arbitrary web scripts or HTML via crafted payloads injected into several input fields of the …
VDE-2025-031
April 28, 2025, 12:00 PM
Wiesemann & Theis: Multiple products from Wiesemann & Theis support deprecated TLS protocol versions
Com-Server firmware versions prior to 1.60 support the insecure TLS 1.0 and TLS 1.1 protocols, which are susceptible to man-in-the-middle attacks and thereby compromise the confidentiality and integrity of data.
VDE-2024-018
May 14, 2025, 2:36 PM
Multiple Wiesemann & Theis software products are affected by a vulnerability through an unquoted search path in the Windows registry. A local attacker can execute arbitrary code and gain administrative …
VDE-2022-057
May 14, 2025, 3:00 PM
Multiple Wiesemann & Theis product families are affected by a vulnerability in the web interface. The device allows an unauthenticated attacker to get the session ID of a logged in …
VDE-2022-043
Nov. 7, 2022, 1:14 PM
Multiple Wiesemann & Theis product families are affected by multiple vulnerabilities in the web interface.