750-8202 Firmware Security Vulnerabilities and Issues — 750-8202 Firmware CVE List

Lucene search

Wago750-8202 Firmware

10 matches found

CVE•added 2022/03/09 8:15 p.m.•83 views

CVE-2022-22511

Various configuration pages of the device are vulnerable to reflected XSS (Cross-Site Scripting) attacks. An authorized attacker with user privileges may use this to gain access to confidential information on a PC that connects to the WBM after it has been compromised.

5.4CVSS5.4AI score0.00071EPSS

CVE•added 2022/11/09 4:15 p.m.•71 views

CVE-2021-34566

In WAGO I/O-Check Service in multiple products an unauthenticated remote attacker can send a specially crafted packet containing OS commands to crash the iocheck process and write memory resulting in loss of integrity and DoS.

9.1CVSS9.4AI score0.00211EPSS

CVE•added 2022/11/09 4:15 p.m.•61 views

CVE-2021-34568

In WAGO I/O-Check Service in multiple products an unauthenticated remote attacker can send a specially crafted packet containing OS commands to provoke a denial of service.

7.5CVSS7.6AI score0.00273EPSS

CVE•added 2022/11/09 4:15 p.m.•57 views

CVE-2021-34567

In WAGO I/O-Check Service in multiple products an unauthenticated remote attacker can send a specially crafted packet containing OS commands to provoke a denial of service and an limited out-of-bounds read.

8.2CVSS8.2AI score0.00865EPSS

CVE•added 2022/11/09 4:15 p.m.•53 views

CVE-2021-34569

In WAGO I/O-Check Service in multiple products an attacker can send a specially crafted packet containing OS commands to crash the diagnostic tool and write memory.

9.8CVSS9.6AI score0.00068EPSS

CVE•added 2022/12/26 7:15 p.m.•52 views

CVE-2020-12069

In CODESYS V3 products in all versions prior V3.5.16.0 containing the CmpUserMgr, the CODESYS Control runtime system stores the online communication passwords using a weak hashing algorithm. This can be used by a local attacker with low privileges to gain full control of the device.

7.8CVSS7.8AI score0.00029EPSS

CVE•added 2023/06/26 7:15 a.m.•44 views

CVE-2023-1619

Multiple WAGO devices in multiple versions may allow an authenticated remote attacker with high privileges to DoS the device by sending a malformed packet.

4.9CVSS5.1AI score0.00172EPSS

CVE•added 2021/05/24 11:15 a.m.•42 views

CVE-2021-21001

On WAGO PFC200 devices in different firmware versions with special crafted packets an authorised attacker with network access to the device can access the file system with higher privileges.

9.1CVSS7AI score0.00238EPSS

CVE•added 2021/05/24 11:15 a.m.•40 views

CVE-2021-21000

On WAGO PFC200 devices in different firmware versions with special crafted packets an attacker with network access to the device could cause a denial of service for the login service of the runtime.

7.5CVSS6.2AI score0.0013EPSS

CVE•added 2023/06/26 7:15 a.m.•38 views

CVE-2023-1620

Multiple WAGO devices in multiple versions may allow an authenticated remote attacker with high privileges to DoS the device by sending a specifically crafted packet to the CODESYS V2 runtime.

4.9CVSS5.1AI score0.00126EPSS