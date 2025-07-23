Most significant of the vulnerabilities are a trio of high-severity issues that could be leveraged to allow arbitrary operating system command execution among highly privileged threat actors. On the other hand, the remaining medium-severity bugs could be harnessed to facilitate cross-site scripting, denial-of-service, and SQL injection intrusions. Despite authentication requirements for most of the flaws, default REX 100 router credentials could be used as a bypass, noted Sebastian Dietz of industrial cybersecurity firm CyberDanube, whose lab exercises at an Austrian university led to the identification of the security defects. Aside from arbitrary code execution as root potentially leading to disruption or further systems compromise, attackers could also exploit the routers' permanent link to Helmholz's environment to breach other customers' devices, said Dietz. All of the issues have already been addressed by Helmholz.
Multiple Helmholz industrial router bugs threaten significant compromise
Widely used Helmholz REX 100 routers have been impacted by eight security flaws that could be exploited to facilitate serious compromise, according to SecurityWeek.
