CVE-2025-3020
Published: May 6, 2025
Modified: May 6, 2025
CVSS v3.1
5.4
Description
An low privileged remote Attacker can execute arbitrary web scripts or HTML via a crafted payload injected into several fields of the configuration webpage with limited impact.
| Vendor | Product | Versions |
|---|---|---|
Wiesemann & Theis | ERP-Gateway 12x Digital Input, 6x Digital Relais | affected all |
Wiesemann & Theis | ERP-Gateway 2x Digital Input, 2x Digital Output | affected all |
Wiesemann & Theis | ERP-Gateway 2x Digital PoE | affected all |
Wiesemann & Theis | Web-Alarm 6x6 DigitalWeb-Alarm 6x6 Digital | affected all |
Wiesemann & Theis | Web-Count 6x Digital | affected 0 - < 3.79 |
Wiesemann & Theis | Web-Graph Air Quality | affected all |
Wiesemann & Theis | Web-IO 12x Digital Input, 6x Digital Relais | affected all |
Wiesemann & Theis | Web-IO 12x Digital Input, 6x Digital Relais | affected all |
Wiesemann & Theis | Web-IO 12x Digital Input, 6x Digital Relais | affected all |
Wiesemann & Theis | Web-IO Analog-In/Out 2x 0/4..20mA PoE | affected all |
Wiesemann & Theis | Web-IO Digital 12xIn, 12xOut | affected all |
Wiesemann & Theis | Web-IO Digital 12xIn, 12xOut | affected all |
Wiesemann & Theis | Web-IO Digital 12xIn, 12xOut | affected 0 - < 4.08 |
Wiesemann & Theis | Web-IO Digital 12xIn, 12xOut, 1xRS232 | affected all |
Wiesemann & Theis | Web-IO Digital 12xIn, 12xOut, 1xRS232 | affected all |
Wiesemann & Theis | Web-IO Digital 2xIn, 2xOut | affected all |
Wiesemann & Theis | Web-IO Digital 2xIn, 2xOut | affected all |
Wiesemann & Theis | Web-IO Digital 2xIn, 2xOut | affected all |
Wiesemann & Theis | Web-IO Digital Logger 6xIn, 6xOut | affected 0 - < 3.70 |
Wiesemann & Theis | Web-Thermograph 2x | affected all |
Wiesemann & Theis | Web-Thermograph 8x | affected all |
Wiesemann & Theis | Web-Thermograph NTC | affected all |
Wiesemann & Theis | Web-Thermograph NTC PoE | affected all |
Wiesemann & Theis | Web-Thermograph Pt100 / Pt1000 | affected all |
Wiesemann & Theis | Web-Thermograph Pt100 / Pt1000 PoE | affected all |
Wiesemann & Theis | Web-Thermograph Relais | affected all |
Wiesemann & Theis | Web-Thermo-Hygrobarograph | affected all |
Wiesemann & Theis | Web-Thermo-Hygrograph | affected all |
Weaknesses (CWE)
CVSS v3.1 Details
CVSS v3.1 Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now