CVE-2021-33530

Name of the Vulnerable Software and Affected Versions Weidmueller Industrial WLAN devices (affected versions not specified)

Description A command injection issue exists in the encrypted diagnostic script functionality of the devices. This allows a specially crafted diagnostic script file to execute arbitrary busybox commands, resulting in remote control over the device. An attacker, authenticated as a low-privilege user, can send a diagnostic script to trigger this issue.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.