Weidmueller Ie-Sw-Pl10M-3Gt-7Tx vulnerabilities
5 known vulnerabilities affecting weidmueller/ie-sw-pl10m-3gt-7tx.
Total CVEs
5
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL2HIGH3
Vulnerabilities
Page 1 of 1
CVE-2025-41651P2CRITICALCVSS 9.8≥ 0.0.0, < 3.3.342025-05-27
CVE-2025-41651 [CRITICAL] CWE-306 CVE-2025-41651: Due to missing authentication on a critical function of the devices an unauthenticated remote attack
Due to missing authentication on a critical function of the devices an unauthenticated remote attacker can execute arbitrary commands, potentially enabling unauthorized upload or download of configuration files and leading to full system compromise.
nvd
CVE-2025-41652P2CRITICALCVSS 9.8≥ 0.0.0, < 3.3.342025-05-27
CVE-2025-41652 [CRITICAL] CWE-328 CVE-2025-41652: The devices are vulnerable to an authentication bypass due to flaws in the authorization mechanism.
The devices are vulnerable to an authentication bypass due to flaws in the authorization mechanism. An unauthenticated remote attacker could exploit this weakness by performing brute-force attacks to guess valid credentials or by using MD5 collision techniques to forge authentication hashes, potentially compromising the device.
nvd
CVE-2025-41649P3HIGHCVSS 7.5≥ 0.0.0, < 3.3.342025-05-27
CVE-2025-41649 [HIGH] CWE-787 CVE-2025-41649: An unauthenticated remote attacker can exploit insufficient input validation to write data beyond th
An unauthenticated remote attacker can exploit insufficient input validation to write data beyond the bounds of a buffer, potentially leading to a denial-of-service condition for the devices.
nvd
CVE-2025-41653P3HIGHCVSS 7.5≥ 0.0.0, < 3.3.342025-05-27
CVE-2025-41653 [HIGH] CWE-410 CVE-2025-41653: An unauthenticated remote attacker can exploit a denial-of-service vulnerability in the device's web
An unauthenticated remote attacker can exploit a denial-of-service vulnerability in the device's web server functionality by sending a specially crafted HTTP request with a malicious header, potentially causing the server to crash or become unresponsive.
nvd
CVE-2025-41650P3HIGHCVSS 7.5≥ 0.0.0, < 3.3.342025-05-27
CVE-2025-41650 [HIGH] CWE-1287 CVE-2025-41650: An unauthenticated remote attacker can exploit input validation in cmd services of the devices, allo
An unauthenticated remote attacker can exploit input validation in cmd services of the devices, allowing them to disrupt system operations and potentially cause a denial-of-service.
nvd