Browse all 5 CVE security advisories affecting METZ CONNECT. AI-powered Chinese analysis, POCs, and references for each vulnerability.
METZ CONNECT develops industrial connectivity solutions, focusing on network components and communication interfaces for automation systems. Historically, their products have been susceptible to remote code execution, cross-site scripting, and privilege escalation vulnerabilities, often stemming from insufficient input validation and authentication flaws. While no major public security incidents have been widely documented, the five CVEs on record highlight persistent weaknesses in access control and secure coding practices. Their devices typically operate in critical infrastructure environments, making security patches and proper network segmentation essential to mitigate potential exploitation risks.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-41737 | Improper access control via php endpoint — Energy-Controlling EWIO2-MCWE-284 | 7.5 | High | 2025-11-18 |
| CVE-2025-41736 | Possible arbitrary code execution — Energy-Controlling EWIO2-MCWE-35 | 8.8 | High | 2025-11-18 |
| CVE-2025-41735 | Possible arbitrary file upload — Energy-Controlling EWIO2-MCWE-434 | 8.8 | High | 2025-11-18 |
| CVE-2025-41734 | Unauthenticated Local File Inclusion in php module — Energy-Controlling EWIO2-MCWE-98 | 9.8 | Critical | 2025-11-18 |
| CVE-2025-41733 | Possible malfunction credential injection — Energy-Controlling EWIO2-MCWE-305 | 9.8 | Critical | 2025-11-18 |
This page lists every published CVE security advisory associated with METZ CONNECT. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.