7 matches found

BDU FSTEC
added 2025/06/19 12:0 a.m., 6 views

A vulnerability in the WAGO Device Manager software for configuring and parameterizing controllers stems from the lack of authentication for critical functions. It allows attackers to gain unauthorized access to the file system.

The vulnerability of the WAGO Device Manager software for configuring and parameterizing controllers is related to the lack of authentication for critical functions. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to the file system by sending...

CVSS 7.8, AI score 5.5, EPSS 0.00402
Exploits: 0, References: 2
BDU FSTEC
added 2025/06/18 12:0 a.m., 8 views

A vulnerability in the WAGO Device Manager software for configuring and parameterizing controllers allows a malicious individual to gain unauthorized access to the file system. The vulnerability is related to errors in configuring CORS policies.

The vulnerability of the WAGO Device Manager software for configuring and parameterizing controllers is related to errors in configuring CORS policies. Exploiting this vulnerability can allow a malicious actor to gain unauthorized access to the file system by sending specially crafted requests...

CVSS 9, AI score 5.4, EPSS 0.00386
Exploits: 0, References: 2
Vulnrichment
added 2025/06/16 9:45 a.m., 4 views

CVE-2025-25264 Overly Permissive CORS Policy in WAGO Device Manager

An unauthenticated remote attacker can trick an admin into visiting a website containing malicious JavaScript code. The current overly permissive CORS policy allows the attacker to obtain any files from the file system...

CVSS 6.5, AI score 6.5, EPSS 0.00386
Exploits: 0, References: 1
CVE
added 2025/06/16 9:45 a.m., 43 views

CVE-2025-25264

CVE-2025-25264 describes an unauthenticated remote attack against WAGO Device Manager, where an attacker can trick an admin into visiting a page containing malicious JavaScript. The root cause is an overly permissive CORS policy that allows access to files on the affected system, enabling potential di...

CVSS 6.5, AI score 6.5, EPSS 0.00386
Exploits: 0, References: 1
Cvelist
added 2025/06/16 9:45 a.m., 22 views

CVE-2025-25264 Overly Permissive CORS Policy in WAGO Device Manager

An unauthenticated remote attacker can trick an admin into visiting a website containing malicious JavaScript code. The current overly permissive CORS policy allows the attacker to obtain any files from the file system...

CVSS 6.5, EPSS 0.00386
Exploits: 0, References: 1
CNNVD
added 2025/06/16 12:0 a.m., 6 views

WAGO Device Manager Security Vulnerability

WAGO Device Manager is a device manager software from WAGO. A security vulnerability exists in WAGO Device Manager that stems from the current overly lax CORS policy and could lead to the disclosure of sensitive data...

CVSS 6.5, AI score 6.4, EPSS 0.00386
Exploits: 0, References: 3
CNNVD
added 2025/06/16 12:0 a.m., 3 views

WAGO Device Manager Access Control Error Vulnerability

WAGO Device Manager is owned by WAGO Germany. An access control error vulnerability exists in WAGO Device Manager that originates from an unauthenticated, remote attacker being able to read system files...

CVSS 4.9, AI score 6.7, EPSS 0.00402
Exploits: 0, References: 2