Vulnerabilities > Wago > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-06-26 | CVE-2023-1620 | Unspecified vulnerability in Wago products Multiple WAGO devices in multiple versions may allow an authenticated remote attacker with high privileges to DoS the device by sending a specifically crafted packet to the CODESYS V2 runtime. | 4.9 |
| 2023-01-19 | CVE-2022-3738 | Unspecified vulnerability in Wago products The vulnerability allows a remote unauthenticated attacker to download a backup file, if one exists. | 5.9 |
| 2022-03-09 | CVE-2022-22511 | Unspecified vulnerability in Wago products Various configuration pages of the device are vulnerable to reflected XSS (Cross-Site Scripting) attacks. | 5.4 |
| 2021-05-24 | CVE-2021-21001 | Path Traversal vulnerability in Wago products On WAGO PFC200 devices in different firmware versions with special crafted packets an authorised attacker with network access to the device can access the file system with higher privileges. | 6.5 |
| 2021-05-13 | CVE-2021-20993 | Information Exposure vulnerability in Wago products In multiple managed switches by WAGO in different versions the activated directory listing provides an attacker with the index of the resources located inside the directory. | 5.3 |
| 2021-05-13 | CVE-2021-20994 | Cross-site Scripting vulnerability in Wago products In multiple managed switches by WAGO in different versions an attacker may trick a legitimate user to click a link to inject possible malicious code into the Web-Based Management. | 6.1 |
| 2021-05-13 | CVE-2021-20996 | Incorrect Permission Assignment for Critical Resource vulnerability in Wago products In multiple managed switches by WAGO in different versions special crafted requests can lead to cookies being transferred to third parties. | 5.3 |
| 2020-03-12 | CVE-2019-5177 | Out-of-bounds Write vulnerability in Wago Pfc200 Firmware 03.02.02(14) An exploitable stack buffer overflow vulnerability vulnerability exists in the iocheckd service ‘I/O-Check’ functionality of WAGO PFC 200 Firmware version 03.02.02(14). | 5.5 |
| 2020-03-12 | CVE-2019-5176 | Out-of-bounds Write vulnerability in Wago Pfc200 Firmware 03.02.02(14) An exploitable stack buffer overflow vulnerability vulnerability exists in the iocheckd service ‘I/O-Check’ functionality of WAGO PFC 200 Firmware version 03.02.02(14). | 5.5 |
| 2020-03-11 | CVE-2019-5182 | Out-of-bounds Write vulnerability in Wago Pfc200 Firmware 03.02.02(14) An exploitable stack buffer overflow vulnerability vulnerability exists in the iocheckd service ‘I/O-Check’ functionality of WAGO PFC 200 Firmware version 03.02.02(14). | 5.5 |