Vulnerabilities > Wago > Pfc100 Firmware > 03.01.07.13
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-11-20 | CVE-2023-3379 | Unspecified vulnerability in Wago products Wago web-based management of multiple products has a vulnerability which allows an local authenticated attacker to change the passwords of other non-admin users and thus to escalate non-root privileges. | 5.3 |
2020-03-11 | CVE-2019-5149 | Resource Exhaustion vulnerability in Wago Pfc100 Firmware and Pfc200 Firmware The WBM web application on firmwares prior to 03.02.02 and 03.01.07 on the WAGO PFC100 and PFC2000, respectively, runs on a lighttpd web server and makes use of the FastCGI module, which is intended to provide high performance for all Internet applications without the penalties of Web server APIs. | 5.0 |