How severe is CVE-2021-33538?

This vulnerability has a severity rating of HIGH with a CVSS score of 8.8 out of 10.

What type of vulnerability is CVE-2021-33538?

This is classified as CWE-269, which is a common weakness in software security.

CVE-2021-33538

HIGH Year: 2021

CVSS v3 Score

8.8

High

CVSS v2 Score

9.0

Critical

Weakness Type

CWE-269

View all →

Vulnerability Description

In Weidmueller Industrial WLAN devices in multiple versions an exploitable improper access control vulnerability exists in the iw_webs account settings functionality. A specially crafted user name entry can cause the overwrite of an existing user account password, resulting in remote shell access to the device as that user. An attacker can send commands while authenticated as a low privilege user to trigger this vulnerability.

CVE-2010-4664

HIGH

CVSS:8.8(High)

In ConsoleKit before 0.4.2, an intended security policy restriction bypass was found. This flaw allows an authenticated system user to escalate their privileges by initiating a remote VNC session.

CWE-2692010

CVE-2012-6639

HIGH

CVSS:8.8(High)

An privilege elevation vulnerability exists in Cloud-init before 0.7.0 when requests to an untrusted system are submitted for EC2 instance data.

CWE-2692012

CVE-2013-0643

HIGH

CVSS:8.8(High)

The Firefox sandbox in Adobe Flash Player before 10.3.183.67 and 11.x before 11.6.602.171 on Windows and Mac OS X, and before 10.3.183.67 and 11.x before 11.2.202.273 on Linux, does not properly restr...

CWE-2692013

CVE-2013-4583

HIGH

CVSS:8.8(High)

The parse_cmd function in lib/gitlab_shell.rb in GitLab 5.0 before 5.4.2, Community Edition before 6.2.4, and Enterprise Edition before 6.2.1 and gitlab-shell before 1.7.8 allows remote authenticated ...

CWE-2692013