Vulnerabilities > Wago > Critical
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-12-18 | CVE-2019-5075 | Out-of-bounds Write vulnerability in Wago PFC 100 Firmware and PFC 200 Firmware An exploitable stack buffer overflow vulnerability exists in the command line utility getcouplerdetails of WAGO PFC200 Firmware versions 03.01.07(13) and 03.00.39(12), and WAGO PFC100 Firmware version 03.00.39(12). | 9.8 |
2019-12-18 | CVE-2019-5081 | Out-of-bounds Write vulnerability in Wago PFC 100 Firmware and PFC 200 Firmware An exploitable heap buffer overflow vulnerability exists in the iocheckd service ''I/O-Chec'' functionality of WAGO PFC 200 Firmware version 03.01.07(13) and 03.00.39(12), and WAGO PFC100 Firmware version 03.00.39(12). | 9.8 |
2019-12-18 | CVE-2019-5077 | Missing Authentication for Critical Function vulnerability in Wago PFC 100 Firmware and PFC 200 Firmware An exploitable denial-of-service vulnerability exists in the iocheckd service ‘’I/O-Chec’’ functionality of WAGO PFC 200 Firmware versions 03.01.07(13) and 03.00.39(12), and WAGO PFC 100 Firmware version 03.00.39(12). | 9.1 |
2019-12-18 | CVE-2019-5074 | Out-of-bounds Write vulnerability in Wago PFC 100 Firmware and PFC 200 Firmware An exploitable stack buffer overflow vulnerability exists in the iocheckd service ''I/O-Check'' functionality of WAGO PFC200 Firmware version 03.01.07(13), WAGO PFC200 Firmware version 03.00.39(12) and WAGO PFC100 Firmware version 03.00.39(12). | 9.8 |
2019-06-17 | CVE-2019-12550 | Use of Hard-coded Credentials vulnerability in Wago products WAGO 852-303 before FW06, 852-1305 before FW06, and 852-1505 before FW03 devices contain hardcoded users and passwords that can be used to login via SSH and TELNET. | 9.8 |
2019-06-17 | CVE-2019-12549 | Use of Hard-coded Credentials vulnerability in Wago products WAGO 852-303 before FW06, 852-1305 before FW06, and 852-1505 before FW03 devices contain hardcoded private keys for the SSH daemon. | 9.8 |
2019-05-07 | CVE-2019-10712 | Use of Hard-coded Credentials vulnerability in Wago products The Web-GUI on WAGO Series 750-88x (750-330, 750-352, 750-829, 750-831, 750-852, 750-880, 750-881, 750-882, 750-884, 750-885, 750-889) and Series 750-87x (750-830, 750-849, 750-871, 750-872, 750-873) devices has undocumented service access. | 9.8 |
2018-02-13 | CVE-2018-5459 | Improper Authentication vulnerability in Wago Pfc200 Firmware An Improper Authentication issue was discovered in WAGO PFC200 Series 3S CoDeSys Runtime versions 2.3.X and 2.4.X. | 9.8 |
2017-08-22 | CVE-2015-6473 | 7PK - Security Features vulnerability in Wago 750-849 Firmware and 758-870 Firmware WAGO IO 750-849 01.01.27 and WAGO IO 750-881 01.02.05 do not contain privilege separation. | 9.8 |
2017-08-22 | CVE-2015-6472 | Credentials Management vulnerability in Wago products WAGO IO 750-849 01.01.27 and 01.02.05, WAGO IO 750-881, and WAGO IO 758-870 have weak credential management. | 9.8 |