Vulnerabilities > CVE-2022-3843 - Hidden Functionality vulnerability in Wago 852-111/000-001 Firmware 01

047910
CVSS 9.1 - CRITICAL
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
NONE
Availability impact
HIGH
network
low complexity
wago
CWE-912
critical

Summary

In WAGO Unmanaged Switch (852-111/000-001) in firmware version 01 an undocumented configuration interface without authorization allows an remote attacker to read system information and configure a limited set of parameters.

Vulnerable Configurations

Part Description Count
OS
Wago
1
Hardware
Wago
1

Common Weakness Enumeration (CWE)