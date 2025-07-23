Vulnerability Management, Network Security

Multiple Helmholz industrial router bugs threaten significant compromise

Adobe Stock

Adobe Stock

Widely used Helmholz REX 100 routers have been impacted by eight security flaws that could be exploited to facilitate serious compromise, according to SecurityWeek.

Most significant of the vulnerabilities are a trio of high-severity issues that could be leveraged to allow arbitrary operating system command execution among highly privileged threat actors. On the other hand, the remaining medium-severity bugs could be harnessed to facilitate cross-site scripting, denial-of-service, and SQL injection intrusions. Despite authentication requirements for most of the flaws, default REX 100 router credentials could be used as a bypass, noted Sebastian Dietz of industrial cybersecurity firm CyberDanube, whose lab exercises at an Austrian university led to the identification of the security defects. Aside from arbitrary code execution as root potentially leading to disruption or further systems compromise, attackers could also exploit the routers' permanent link to Helmholz's environment to breach other customers' devices, said Dietz. All of the issues have already been addressed by Helmholz.

An In-Depth Guide to Network Security

Get essential knowledge and practical strategies to fortify your network security.

Related

Intrusions involving SharePoint exploits pinned on Chinese hacking operations

Chinese state-sponsored threat operations Linen Typhoon, also known as APT27, Emissary Panda, and Bronze Union, and Violet Typhoon, also known as APT31, Judgment Panda, and Bronze Vinewood, as well as the suspected China-based hacking group Storm-2603 have been targeting vulnerable internet-exposed Microsoft SharePoint servers impacted by the flaws, tracked as CVE-2025-53770 and CVE-2025-53771, since earlier this month, reports The Hacker News.

Related Events

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

Related Terms

ACK PiggybackingAddress Resolution Protocol (ARP)CellCollisionComputer NetworkCrossover CableDecapsulationDemilitarized Zone (DMZ)Distance VectorDomain

You can skip this ad in 5 seconds