Vulnerabilities > CVE-2022-45138 - Unspecified vulnerability in Wago products

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

wago

NVD

Published: 2023-02-27

Updated: 2024-11-21

Summary

The configuration backend of the web-based management can be used by unauthenticated users, although only authenticated users should be able to use the API. The vulnerability allows an unauthenticated attacker to read and set several device parameters that can lead to full compromise of the device.

Vulnerable Configurations

Part	Description	Count
OS	Wago Wago 751 9301 Firmware * Wago 751 9301 Firmware 22 Wago 751 9301 Firmware 23 Wago 752 8303/8000 002 Firmware 18 Wago 752 8303/8000 002 Firmware 22 Wago 752 8303/8000 002 Firmware 23 Wago Pfc100 Firmware 16 Wago Pfc100 Firmware 20 Wago Pfc100 Firmware 22 Wago Pfc100 Firmware 23 Wago Pfc200 Firmware 16 Wago Pfc200 Firmware 20 Wago Pfc200 Firmware 22 Wago Pfc200 Firmware 23 Wago Touch Panel 600 Advanced Firmware 16 Wago Touch Panel 600 Advanced Firmware 22 Wago Touch Panel 600 Advanced Firmware 23 Wago Touch Panel 600 Marine Firmware 16 Wago Touch Panel 600 Marine Firmware 22 Wago Touch Panel 600 Marine Firmware 23 Wago Touch Panel 600 Standard Firmware 16 Wago Touch Panel 600 Standard Firmware 22 Wago Touch Panel 600 Standard Firmware 23	30
Hardware	Wago Wago 751 9301 - Wago 752 8303/8000 002 - Wago Pfc100 - Wago Pfc200 - Wago Touch Panel 600 Advanced - Wago Touch Panel 600 Marine - Wago Touch Panel 600 Standard -	7

Summary

Vulnerable Configurations

References