Weidmueller IE-SR-2TX Security Routers Command Injection Vulnerability Allowing Elevated Privilege Execution

Vulnerability

A command injection vulnerability has been identified in Weidmueller IE-SR-2TX security routers, including the IE-SR-2TX-WL, IE-SR-2TX-WL-4G-EU, and IE-SR-2TX-WL-4G-US-V models, in all versions prior to specific fixed releases. The vulnerability allows an unauthenticated remote attacker, positioned as a man-in-the-middle, to inject arbitrary commands into responses from WWH servers, potentially leading to unauthorized command execution with elevated privileges on the affected devices.

Impact

Exploitation of this vulnerability allows for arbitrary command execution on the affected router with root privileges.

Remediation

Users are advised to update to version 1.49 for the IE-SR-2TX-WL model and version 1.62 for the IE-SR-2TX-WL-4G-EU and IE-SR-2TX-WL-4G-US-V models.

Added: Jun 11, 2025, 9:19 AM
Updated: Jun 11, 2025, 9:19 AM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 7.5
exploitability: 6.2
remediation: 7.7
relevance: 0.2
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.