VYPR
← All advisories
Unrated severityNVD Advisory· Published Jun 25, 2021· Updated Sep 16, 2024

WEIDMUELLER: WLAN devices affected by authentication bypass vulnerability

CVE-2021-33539

Description

In Weidmueller Industrial WLAN devices in multiple versions an exploitable authentication bypass vulnerability exists in the hostname processing. A specially configured device hostname can cause the device to interpret selected remote traffic as local traffic, resulting in a bypass of web authentication. An attacker can send authenticated SNMP requests to trigger this vulnerability.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Authentication bypass in Weidmueller Industrial WLAN devices via specially crafted hostname allows remote attackers with SNMP access to bypass web authentication.

Vulnerability

In Weidmueller Industrial WLAN devices across multiple versions, an authentication bypass vulnerability exists in the hostname processing logic. A specially configured device hostname can cause the device to interpret selected remote traffic as local traffic, thereby bypassing web authentication. The vulnerability is triggered via authenticated SNMP requests.

Exploitation

An attacker with network access and valid SNMP credentials can send specially crafted SNMP requests to set a malicious hostname on the device. This hostname causes the device to treat subsequent remote web traffic as locally originating, bypassing the web authentication mechanism.

Impact

Successful exploitation allows the attacker to bypass authentication and gain unauthorized access to the device's web interface, potentially leading to full device compromise and network exposure.

Mitigation

No mitigation information is provided in the available references. Users should contact the vendor for security updates.

AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

3
  • Weidmueller/Industrial WLANllm-fuzzy
  • Weidmüller/IE-WL(T)-BL-AP-CL-XXv5
    Range: IE-WL-BL-AP-CL-EU (2536600000)
  • Weidmüller/IE-WL(T)-VL-AP-CL-XXv5
    Range: IE-WL-VL-AP-BR-CL-EU (2536680000)

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

1

News mentions

0

No linked articles in our index yet.