Total
9 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-1620 | 1 Wago | 152 750-331, 750-331 Firmware, 750-8202 and 149 more | 2023-12-10 | N/A | 4.9 MEDIUM |
| Multiple WAGO devices in multiple versions may allow an authenticated remote attacker with high privileges to DoS the device by sending a specifically crafted packet to the CODESYS V2 runtime. | |||||
| CVE-2023-1619 | 1 Wago | 152 750-331, 750-331 Firmware, 750-8202 and 149 more | 2023-12-10 | N/A | 4.9 MEDIUM |
| Multiple WAGO devices in multiple versions may allow an authenticated remote attacker with high privileges to DoS the device by sending a malformed packet. | |||||
| CVE-2022-3281 | 1 Wago | 156 750-8100, 750-8100 Firmware, 750-8101 and 153 more | 2023-12-10 | N/A | 7.5 HIGH |
| WAGO Series PFC100/PFC200, Series Touch Panel 600, Compact Controller CC100 and Edge Controller in multiple versions are prone to a loss of MAC-Address-Filtering after reboot. This may allow an remote attacker to circumvent the reach the network that should be protected by the MAC address filter. | |||||
| CVE-2021-34567 | 1 Wago | 98 750-8100, 750-8100 Firmware, 750-8101 and 95 more | 2023-12-10 | N/A | 8.2 HIGH |
| In WAGO I/O-Check Service in multiple products an unauthenticated remote attacker can send a specially crafted packet containing OS commands to provoke a denial of service and an limited out-of-bounds read. | |||||
| CVE-2021-34569 | 1 Wago | 98 750-8100, 750-8100 Firmware, 750-8101 and 95 more | 2023-12-10 | N/A | 9.8 CRITICAL |
| In WAGO I/O-Check Service in multiple products an attacker can send a specially crafted packet containing OS commands to crash the diagnostic tool and write memory. | |||||
| CVE-2021-34566 | 1 Wago | 98 750-8100, 750-8100 Firmware, 750-8101 and 95 more | 2023-12-10 | N/A | 9.1 CRITICAL |
| In WAGO I/O-Check Service in multiple products an unauthenticated remote attacker can send a specially crafted packet containing OS commands to crash the iocheck process and write memory resulting in loss of integrity and DoS. | |||||
| CVE-2021-34568 | 1 Wago | 98 750-8100, 750-8100 Firmware, 750-8101 and 95 more | 2023-12-10 | N/A | 7.5 HIGH |
| In WAGO I/O-Check Service in multiple products an unauthenticated remote attacker can send a specially crafted packet containing OS commands to provoke a denial of service. | |||||
| CVE-2022-22511 | 1 Wago | 49 750-8100, 750-8100 Firmware, 750-8101 and 46 more | 2023-12-10 | 3.5 LOW | 5.4 MEDIUM |
| Various configuration pages of the device are vulnerable to reflected XSS (Cross-Site Scripting) attacks. An authorized attacker with user privileges may use this to gain access to confidential information on a PC that connects to the WBM after it has been compromised. | |||||
| CVE-2020-12522 | 1 Wago | 42 750-8101\/025-000, 750-8102\/025-000, 750-8202\/000-012 and 39 more | 2023-12-10 | 10.0 HIGH | 9.8 CRITICAL |
| The reported vulnerability allows an attacker who has network access to the device to execute code with specially crafted packets in WAGO Series PFC 100 (750-81xx/xxx-xxx), Series PFC 200 (750-82xx/xxx-xxx), Series Wago Touch Panel 600 Standard Line (762-4xxx), Series Wago Touch Panel 600 Advanced Line (762-5xxx), Series Wago Touch Panel 600 Marine Line (762-6xxx) with firmware versions <=FW10. | |||||