CSRF Vulnerability in IoT Devices by Vendor
CVE-2025-41662

8.8HIGH

Key Information:

Vendor: Weidmueller
Status: Ie-sr-2tx-wl; Ie-sr-2tx-wl-4g-eu; Ie-sr-2tx-wl-4g-us-v
Vendor: CVE Published:; 11 June 2025

🔔 Create Weidmueller Vulnerability Alert

What is CVE-2025-41662?

A security flaw exists in the main web interface of certain IoT devices, allowing unauthenticated remote attackers to execute arbitrary commands with root privileges. This vulnerability arises from a lack of adequate CSRF protection, exposing the affected products to significant risks. It is crucial for users and administrators to apply recommended security patches and enhance their defenses against potential exploitation.

Affected Version(s)

IE-SR-2TX-WL 0

IE-SR-2TX-WL-4G-EU 0

IE-SR-2TX-WL-4G-US-V 0

References

https://certvde.com/en/advisories/VDE-2025-052

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 11, 2025
Vulnerability Reserved
Apr 16, 2025

Credit

ONEKEY Research Labs