EUVD-2021-8403

🗓️ 03 Oct 2025 20:07:09Reported by EUVDType

An attacker can trick users into injecting malicious code via links in WAGO managed switches.

Reporter	Title	Published	Views	Family All 6
CNNVD	WAGO 跨站脚本漏洞	13 May 202100:00	–	cnnvd
CNVD	WAGO Cross-Site Scripting Vulnerability	14 May 202100:00	–	cnvd
CVE	CVE-2021-20994	13 May 202113:45	–	cve
Cvelist	CVE-2021-20994 WAGO: Managed Switches: Reflected Cross-site Scripting	13 May 202113:45	–	cvelist
NVD	CVE-2021-20994	13 May 202114:15	–	nvd
Prion	Code injection	13 May 202114:15	–	prion

[
  {
    "enisaIdVendor": [
      {
        "id": "0459b676-a176-31e3-b5a6-edb42c064547",
        "vendor": {
          "name": "WAGO"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "10c1b2c3-b68d-3129-94e5-cd110460378f",
        "product": {
          "name": "0852-1505"
        },
        "product_version": "unspecified ≤V1.1.6.S0"
      },
      {
        "id": "3a0faada-4ff6-362f-977c-40dfd0a7d920",
        "product": {
          "name": "0852-1305/000-001"
        },
        "product_version": "unspecified ≤V1.0.4.S0"
      },
      {
        "id": "58488f4e-e723-3d82-a128-5a4d6fe37961",
        "product": {
          "name": "0852-1505/000-001"
        },
        "product_version": "unspecified ≤V1.0.4.S0"
      },
      {
        "id": "a4c0bacc-a188-32cd-8b68-22c5e858f4b1",
        "product": {
          "name": "0852-1305"
        },
        "product_version": "unspecified ≤V1.1.7.S0"
      },
      {
        "id": "dfa9b972-1173-3f31-a85e-4e06f1a8fb88",
        "product": {
          "name": "0852-0303"
        },
        "product_version": "unspecified ≤V1.2.3.S0"
      }
    ]
  }
]

Source	Link
cert	www.cert.vde.com/en-us/advisories/vde-2021-013

03 Oct 2025 20:07Current

7.1High risk

Vulners AI Score7.1

CVSS 3.16.1 - 8.8

CVSS 24.3

EPSS0.00391