Vulnerabilities > Wago > Edge Controller Firmware > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-11-20 CVE-2023-3379 Incorrect Authorization vulnerability in Wago products
Wago web-based management of multiple products has a vulnerability which allows an local authenticated attacker to change the passwords of other non-admin users and thus to escalate non-root privileges.
local
low complexity
wago CWE-863
5.3
2023-01-19 CVE-2022-3738 Missing Authentication for Critical Function vulnerability in Wago products
The vulnerability allows a remote unauthenticated attacker to download a backup file, if one exists.
network
high complexity
wago CWE-306
5.9