Vulnerabilities > Wago > Critical
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-02-16 | CVE-2022-3843 | Unspecified vulnerability in Wago 852-111/000-001 Firmware 01 In WAGO Unmanaged Switch (852-111/000-001) in firmware version 01 an undocumented configuration interface without authorization allows an remote attacker to read system information and configure a limited set of parameters. | 9.1 |
2021-05-13 | CVE-2021-20998 | Missing Authentication for Critical Function vulnerability in Wago products In multiple managed switches by WAGO in different versions without authorization and with specially crafted packets it is possible to create users. | 9.8 |
2020-12-17 | CVE-2020-12522 | OS Command Injection vulnerability in Wago products The reported vulnerability allows an attacker who has network access to the device to execute code with specially crafted packets in WAGO Series PFC 100 (750-81xx/xxx-xxx), Series PFC 200 (750-82xx/xxx-xxx), Series Wago Touch Panel 600 Standard Line (762-4xxx), Series Wago Touch Panel 600 Advanced Line (762-5xxx), Series Wago Touch Panel 600 Marine Line (762-6xxx) with firmware versions <=FW10. | 9.8 |
2020-03-11 | CVE-2019-5161 | Insufficient Verification of Data Authenticity vulnerability in Wago Pfc200 Firmware 03.00.39(12)/03.01.07(13)/03.02.02(14) An exploitable remote code execution vulnerability exists in the Cloud Connectivity functionality of WAGO PFC200 versions 03.02.02(14), 03.01.07(13), and 03.00.39(12). | 9.1 |
2020-03-11 | CVE-2019-5160 | Unspecified vulnerability in Wago Pfc200 Firmware 03.00.39(12)/03.01.07(13)/03.02.02(14) An exploitable improper host validation vulnerability exists in the Cloud Connectivity functionality of WAGO PFC200 Firmware versions 03.02.02(14), 03.01.07(13), and 03.00.39(12). | 9.1 |
2020-02-03 | CVE-2020-8597 | Classic Buffer Overflow vulnerability in multiple products eap.c in pppd in ppp 2.4.2 through 2.4.8 has an rhostname buffer overflow in the eap_request and eap_response functions. | 9.8 |
2020-01-08 | CVE-2019-5082 | Out-of-bounds Write vulnerability in Wago Pfc100 Firmware and Pfc200 Firmware An exploitable heap buffer overflow vulnerability exists in the iocheckd service I/O-Check functionality of WAGO PFC200 Firmware version 03.01.07(13), WAGO PFC200 Firmware version 03.00.39(12), and WAGO PFC100 Firmware version 03.00.39(12). | 9.8 |
2019-12-18 | CVE-2019-5080 | Missing Authentication for Critical Function vulnerability in Wago PFC 100 Firmware and PFC 200 Firmware An exploitable denial-of-service vulnerability exists in the iocheckd service "I/O-Check" functionality of WAGO PFC 200 Firmware versions 03.01.07(13) and 03.00.39(12), and WAGO PFC100 Firmware version 03.00.39(12). | 9.1 |
2019-12-18 | CVE-2019-5079 | Out-of-bounds Write vulnerability in Wago PFC 100 Firmware and PFC 200 Firmware An exploitable heap buffer overflow vulnerability exists in the iocheckd service "I/O-Check" functionality of WAGO PFC200 Firmware versions 03.01.07(13) and 03.00.39(12), and WAGO PFC100 Firmware version 03.00.39(12). | 9.8 |
2019-12-18 | CVE-2019-5078 | Missing Authentication for Critical Function vulnerability in Wago PFC 100 Firmware and PFC 200 Firmware An exploitable denial of service vulnerability exists in the iocheckd service "I/O-Check" functionality of WAGO PFC200 Firmware versions 03.01.07(13) and 03.00.39(12), and WAGO PFC100 Firmware version 03.00.39(12). | 9.1 |