Vulnerabilities > Wago > 750 8202 Firmware

DATE CVE VULNERABILITY TITLE RISK
2023-06-26 CVE-2023-1620 Unspecified vulnerability in Wago products
Multiple WAGO devices in multiple versions may allow an authenticated remote attacker with high privileges to DoS the device by sending a specifically crafted packet to the CODESYS V2 runtime.
network
low complexity
wago
4.9
2022-12-26 CVE-2020-12069 Use of Password Hash With Insufficient Computational Effort vulnerability in multiple products
In CODESYS V3 products in all versions prior V3.5.16.0 containing the CmpUserMgr, the CODESYS Control runtime system stores the online communication passwords using a weak hashing algorithm.
local
low complexity
pilz codesys festo wago CWE-916
7.8
2022-03-09 CVE-2022-22511 Unspecified vulnerability in Wago products
Various configuration pages of the device are vulnerable to reflected XSS (Cross-Site Scripting) attacks.
network
low complexity
wago
5.4
2021-05-24 CVE-2021-21000 Allocation of Resources Without Limits or Throttling vulnerability in Wago products
On WAGO PFC200 devices in different firmware versions with special crafted packets an attacker with network access to the device could cause a denial of service for the login service of the runtime.
network
low complexity
wago CWE-770
7.5
2021-05-24 CVE-2021-21001 Path Traversal vulnerability in Wago products
On WAGO PFC200 devices in different firmware versions with special crafted packets an authorised attacker with network access to the device can access the file system with higher privileges.
network
low complexity
wago CWE-22
6.5