Vulnerabilities > Wago

DATE CVE VULNERABILITY TITLE RISK
2020-12-17 CVE-2020-12522 OS Command Injection vulnerability in Wago products
The reported vulnerability allows an attacker who has network access to the device to execute code with specially crafted packets in WAGO Series PFC 100 (750-81xx/xxx-xxx), Series PFC 200 (750-82xx/xxx-xxx), Series Wago Touch Panel 600 Standard Line (762-4xxx), Series Wago Touch Panel 600 Advanced Line (762-5xxx), Series Wago Touch Panel 600 Marine Line (762-6xxx) with firmware versions <=FW10.
network
low complexity
wago CWE-78
critical
10.0
2020-12-10 CVE-2020-12516 Unspecified vulnerability in Wago products
Older firmware versions (FW1 up to FW10) of the WAGO PLC family 750-88x and 750-352 are vulnerable for a special denial of service attack.
network
low complexity
wago
5.0
2020-09-30 CVE-2020-12506 Improper Authentication vulnerability in Wago products
Improper Authentication vulnerability in WAGO 750-8XX series with FW version <= FW03 allows an attacker to change the settings of the devices by sending specifically constructed requests without authentication This issue affects: WAGO 750-362 version FW03 and prior versions.
network
low complexity
wago CWE-287
6.4
2020-09-30 CVE-2020-12505 Improper Authentication vulnerability in Wago products
Improper Authentication vulnerability in WAGO 750-8XX series with FW version <= FW07 allows an attacker to change some special parameters without authentication.
network
low complexity
wago CWE-287
6.4
2020-06-11 CVE-2020-6090 Improper Privilege Management vulnerability in Wago Pfc200 Firmware 20003.03.10(15)
An exploitable code execution vulnerability exists in the Web-Based Management (WBM) functionality of WAGO PFC 200 03.03.10(15).
network
low complexity
wago CWE-269
critical
9.0
2020-03-23 CVE-2019-5186 Classic Buffer Overflow vulnerability in Wago Pfc200 Firmware 03.02.02(14)
An exploitable stack buffer overflow vulnerability vulnerability exists in the iocheckd service "I/O-Check" functionality of WAGO PFC 200.
local
wago CWE-120
4.4
2020-03-23 CVE-2019-5185 Classic Buffer Overflow vulnerability in Wago Pfc200 Firmware 03.02.02(14)
An exploitable stack buffer overflow vulnerability vulnerability exists in the iocheckd service "I/O-Check" functionality of WAGO PFC 200.
local
wago CWE-120
4.4
2020-03-23 CVE-2019-5184 Double Free vulnerability in Wago Pfc200 Firmware 03.02.02(14)
An exploitable double free vulnerability exists in the iocheckd service "I/O-Check" functionality of WAGO PFC 200.
local
low complexity
wago CWE-415
4.6
2020-03-12 CVE-2019-5181 Out-Of-Bounds Write vulnerability in Wago Pfc200 Firmware 03.02.02(14)
An exploitable stack buffer overflow vulnerability vulnerability exists in the iocheckd service ‘I/O-Check’ functionality of WAGO PFC 200 Firmware version 03.02.02(14).
local
low complexity
wago CWE-787
4.6
2020-03-12 CVE-2019-5180 Out-Of-Bounds Write vulnerability in Wago Pfc200 Firmware 03.02.02(14)
An exploitable stack buffer overflow vulnerability vulnerability exists in the iocheckd service ‘I/O-Check’ functionality of WAGO PFC 200 Firmware version 03.02.02(14).
local
low complexity
wago CWE-787
4.6