Vulnerabilities > Wago > 762 6303 8000 002 Firmware

DATE CVE VULNERABILITY TITLE RISK
2022-11-09 CVE-2021-34566 Classic Buffer Overflow vulnerability in Wago products
In WAGO I/O-Check Service in multiple products an unauthenticated remote attacker can send a specially crafted packet containing OS commands to crash the iocheck process and write memory resulting in loss of integrity and DoS.
network
low complexity
wago CWE-120
critical
9.1
2022-11-09 CVE-2021-34567 Out-of-bounds Read vulnerability in Wago products
In WAGO I/O-Check Service in multiple products an unauthenticated remote attacker can send a specially crafted packet containing OS commands to provoke a denial of service and an limited out-of-bounds read.
network
low complexity
wago CWE-125
8.2
2022-11-09 CVE-2021-34568 Allocation of Resources Without Limits or Throttling vulnerability in Wago products
In WAGO I/O-Check Service in multiple products an unauthenticated remote attacker can send a specially crafted packet containing OS commands to provoke a denial of service.
network
low complexity
wago CWE-770
7.5
2022-11-09 CVE-2021-34569 Out-of-bounds Write vulnerability in Wago products
In WAGO I/O-Check Service in multiple products an attacker can send a specially crafted packet containing OS commands to crash the diagnostic tool and write memory.
network
low complexity
wago CWE-787
critical
9.8
2022-10-17 CVE-2022-3281 Expected Behavior Violation vulnerability in Wago products
WAGO Series PFC100/PFC200, Series Touch Panel 600, Compact Controller CC100 and Edge Controller in multiple versions are prone to a loss of MAC-Address-Filtering after reboot.
network
low complexity
wago CWE-440
7.5
2022-03-09 CVE-2022-22511 Cross-site Scripting vulnerability in Wago products
Various configuration pages of the device are vulnerable to reflected XSS (Cross-Site Scripting) attacks.
network
wago CWE-79
3.5