CNNVD-202511-2082 Information
CNNVD ID
CNNVD-202511-2082
Related CVE
- CNNVD Published: 2025-11-18
Description (Chinese)
METZ CONNECT Energy-Controlling EWIO2-M等都是德国METZ CONNECT公司的产品。METZ CONNECT Energy-Controlling EWIO2-M是一款高性能数据记录器。METZ CONNECT Energy-Controlling EWIO2-M-BM是一款高性能数据记录器。METZ CONNECT Ethernet-IO EWIO2-BM是一款传感器和执行器控制器。 METZ CONNECT多款产品存在安全漏洞,该漏洞源于未经身份验证的攻击者可执行任意php文件,可能导致完全控制受影响设备。以下产品受到影响:METZ CONNECT Energy-Controlling EWIO2-M、METZ CONNECT Energy-Controlling EWIO2-M-BM和METZ CONNECT Ethernet-IO EWIO2-BM。
Description (English)
METZ CONNECT Energy-Controlling EWIO2-M and others are products of METZ CONNECT, Germany. METZ CONNECT Energy-Controlling EWIO2-M is a high performance data recorder. METZ CONNECT Energy-Controlling EWIO2-M-BM is a high performance data recorder. METZ CONNECT Ethernet-IO EWIO2-BM is a sensor and an implementer controller. There is a safety loophole in METZ CONNECT ’ s multiple products, which stems from the fact that unidentified assailants can enforce any php document that could lead to full control of the affected equipment. The following products were affected: METZ CONNECT Energy-Controlling EWIO2-M, METZ CONNECT Energy-Controlling EWIO2-M-BM and METZ CONNECT Ethernet-IO EWIO2-BM.
Hazard Level
Low
Vulnerability Type
其他
Affected Vendor
METZ CONNECT
Published
2025-11-18
Last Modified
2026-02-24
References
https://certvde.com/de/advisories/VDE-2025-097
Patch
https://www.metz-connect.com/home.1e.en.html
Share on: