Vulnerabilities > Wago > 0852 1305 Firmware > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-05-13 | CVE-2021-20993 | Information Exposure vulnerability in Wago products In multiple managed switches by WAGO in different versions the activated directory listing provides an attacker with the index of the resources located inside the directory. | 5.3 |
| 2021-05-13 | CVE-2021-20994 | Cross-site Scripting vulnerability in Wago products In multiple managed switches by WAGO in different versions an attacker may trick a legitimate user to click a link to inject possible malicious code into the Web-Based Management. | 6.1 |
| 2021-05-13 | CVE-2021-20996 | Incorrect Permission Assignment for Critical Resource vulnerability in Wago products In multiple managed switches by WAGO in different versions special crafted requests can lead to cookies being transferred to third parties. | 5.3 |