26 matches found
WAGO Industrial-Managed-Switch 0852-1322和WAGO Industrial-Managed-Switch 0852-1328 安全漏洞
WAGO Industrial-Managed-Switch 0852-1322 and WAGO Industrial-Managed-Switch 0852-1328 are industrial-grade managed Ethernet switches from the German company WAGO. Both devices have security vulnerabilities. These vulnerabilities stem from the use of hardcoded keys for AES-ECB encryption, which...
WAGO Indsutrial-Managed-Switches 安全漏洞
WAGO Indsutrial-Managed-Switches is a series of high-performance network devices from WAGO, Germany. A security vulnerability exists in WAGO Indsutrial-Managed-Switches, which stems from an unsafe sscanf call in the checkcookie function, which could lead to full control of the device...
WAGO Indsutrial-Managed-Switches 安全漏洞
WAGO Indsutrial-Managed-Switches is a series of high-performance network devices from WAGO, Germany. A security vulnerability exists in WAGO Indsutrial-Managed-Switches, which stems from an unsafe sscanf call in the checkaccount function, which could lead to full control of the device...
EUVD-2021-8406
Malicious code in bioql PyPI...
EUVD-2021-8405
Malicious code in bioql PyPI...
EUVD-2021-8402
Malicious code in bioql PyPI...
EUVD-2021-8407
Malicious code in bioql PyPI...
CVE-2025-1235 WAGO: Switches affected by year 2k38 problem
A low privileged attacker can set the date of the devices to the 19th of January 2038 an therefore exceed the 32-Bit time limit. This causes the date of the switch to be set back to January 1st, 1970...
CVE-2025-1235
CVE-2025-1235 affects WAGO Fully Managed Switches. A low-privilege attacker can set the device date to Jan 19, 2038, triggering 32‑bit time overflow and the switch date rolling back to Jan 1, 1970. Public details in provided documents confirm the issue and lack of patch/version information; no re...
WAGO Fully Managed Switches 输入验证错误漏洞
WAGO Fully Managed Switches is a series of switches from WAGO Germany. An input validation error vulnerability exists in WAGO Fully Managed Switches that stems from mishandling of 32-bit time constraints, which can lead to date resets...
The vulnerability of the microprogramming software interface of WAGO Unmanaged Switches allows a intruder to gain unauthorized access to protected information.
The vulnerability of the microprogrammed software interface of WAGO Unmanaged Switches is related to the presence of undocumented configuration commands. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...
CVE-2021-20998
In multiple managed switches by WAGO in different versions without authorization and with specially crafted packets it is possible to create users...
CVE-2021-20996
In multiple managed switches by WAGO in different versions special crafted requests can lead to cookies being transferred to third parties...
CVE-2021-20995
In multiple managed switches by WAGO in different versions the webserver cookies of the web based UI contain user credentials...
CVE-2021-20995
In multiple managed switches by WAGO in different versions the webserver cookies of the web based UI contain user credentials...
CVE-2021-20996
In multiple managed switches by WAGO in different versions special crafted requests can lead to cookies being transferred to third parties...
CVE-2021-20997
In multiple managed switches by WAGO in different versions it is possible to read out the password hashes of all Web-based Management users...
CVE-2021-20993
In multiple managed switches by WAGO in different versions the activated directory listing provides an attacker with the index of the resources located inside the directory...
CVE-2021-20994
In multiple managed switches by WAGO in different versions an attacker may trick a legitimate user to click a link to inject possible malicious code into the Web-Based Management...
CVE-2021-20994
In multiple managed switches by WAGO in different versions an attacker may trick a legitimate user to click a link to inject possible malicious code into the Web-Based Management...