49 matches found
CVE-2019-18202
Information Disclosure is possible on WAGO Series PFC100 and PFC200 devices before FW12 due to improper access control. A remote attacker can check for the existence of paths and file names via crafted HTTP requests...
CVE-2019-12550
WAGO 852-303 before FW06, 852-1305 before FW06, and 852-1505 before FW03 devices contain hardcoded users and passwords that can be used to login via SSH and TELNET...
EUVD-2021-21231
Malware in sbrugna...
EUVD-2020-4824
Malware in sbrugna...
EUVD-2019-4144
Malware in sbrugna...
EUVD-2019-4145
Malware in sbrugna...
EUVD-2023-23852
Malicious code in bioql PyPI...
EUVD-2023-23851
Malicious code in bioql PyPI...
EUVD-2022-42677
Malicious code in bioql PyPI...
CVE-2023-1620
Multiple WAGO devices in multiple versions may allow an authenticated remote attacker with high privileges to DoS the device by sending a specifically crafted packet to the CODESYS V2 runtime...
CVE-2023-1619
Multiple WAGO devices in multiple versions may allow an authenticated remote attacker with high privileges to DoS the device by sending a malformed packet...
CVE-2024-41972 WAGO: Arbitrary File Overwrite Leading to Privileged File Read in Multiple Devices
A low privileged remote attacker can overwrite an arbitrary file on the filesystem which may lead to an arbitrary file read with root privileges...
WAGO多款产品 安全漏洞
WAGO PFC100 and others are products of WAGO, Germany.WAGO PFC100 is a programmable logic controller PLC.WAGO CC100 0751-9x01 is a compact controller.WAGO Edge Controller 0752-8303/8000-0002 is a controller. A security vulnerability exists in several WAGO products. The vulnerability originates fro...
CVE-2018-25090 Wago: Improper Neutralization of Input During Web Page Generation in multiple devices
An unauthenticated remote attacker can use an XSS attack due to improper neutralization of input during web page generation. User interaction is required. This leads to a limited impact of confidentiality and integrity but no impact of availability...
VulnCheck KEV: CVE-2023-1698
In multiple products of WAGO a vulnerability allows an unauthenticated, remote attacker to create new users and change the device configuration which can result in unintended behaviour, Denial of Service and full system compromise...
CVE-2023-1619
Multiple WAGO devices in multiple versions may allow an authenticated remote attacker with high privileges to DoS the device by sending a malformed packet...
CVE-2023-1619
Multiple WAGO devices in multiple versions may allow an authenticated remote attacker with high privileges to DoS the device by sending a malformed packet...
CVE-2023-1620
Multiple WAGO devices in multiple versions may allow an authenticated remote attacker with high privileges to DoS the device by sending a specifically crafted packet to the CODESYS V2 runtime...
CVE-2023-1620
Multiple WAGO devices in multiple versions may allow an authenticated remote attacker with high privileges to DoS the device by sending a specifically crafted packet to the CODESYS V2 runtime...
Design/Logic Flaw
Multiple WAGO devices in multiple versions may allow an authenticated remote attacker with high privileges to DoS the device by sending a specifically crafted packet to the CODESYS V2 runtime...