CNNVD-202507-2997 Information
CNNVD ID
CNNVD-202507-2997
Related CVE
- CNNVD Published: 2025-07-23
Description (Chinese)
Weidmueller IE-SR-2TX-WL等都是德国Weidmueller公司的一款工业级安全路由器。 Weidmueller多款产品存在操作系统命令注入漏洞,该漏洞源于主Web接口中对用户输入清理不当,可能导致任意命令执行。以下产品受到影响:IE-SR-2TX-WL、IE-SR-2TX-WL-4G-EU 和IE-SR-2TX-WL-4G-US-V。
Description (English)
Weidmueler IE-SR-2TX-WL and others are industrial safety routers of Weidmueler, Germany. There is a gap in operating system commands in the Weidmueler multi-products, which arises from the inappropriate cleaning of user input in the main Web interface, which may result in arbitrary orders being executed. The following products were affected: IE-SR-2TX-WL, IE-SR-2TX-WL-4G-EU and IE-SR-2TX-WL-4G-US-V.
Hazard Level
Medium
Vulnerability Type
操作系统命令注入
Affected Vendor
Weidmueller
Published
2025-07-23
Last Modified
2026-02-24
References
https://certvde.com/de/advisories/VDE-2025-052
Patch
https://eshop.weidmueller.com/zh/ie-sr-2tx-wl/p/2682590000/downloads
Share on: