Known Vulnerabilities for products from Wago
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Wago".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Additional devices specifications by Wago can be found at device.report : Wago
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2024-1490 json | Not Provided | 2026-04-09 | 2026-04-09 | |
| CVE-2023-5872 json | Not Provided | 2026-04-16 | 2026-04-16 | |
| CVE-2023-4089 json | On affected Wago products an remote attacker with administrative privileges can access files to which he has already access t... | 2.7 - LOW | 2023-10-17 | 2023-10-24 |
| CVE-2023-3379 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 5.3 - MEDIUM | 2023-11-20 | 2023-11-30 |
| CVE-2023-1698 json | In multiple products of WAGO a vulnerability allows an unauthenticated, remote attacker to create new users and change the de... | 9.8 - CRITICAL | 2023-05-15 | 2023-05-26 |
| CVE-2023-1620 json | Multiple WAGO devices in multiple versions may allow an authenticated remote attacker with high privileges to DoS the device ... | 4.9 - MEDIUM | 2023-06-26 | 2023-07-11 |
| CVE-2023-1619 json | Multiple WAGO devices in multiple versions may allow an authenticated remote attacker with high privileges to DoS the device ... | 4.9 - MEDIUM | 2023-06-26 | 2023-07-11 |
| CVE-2023-1150 json | Uncontrolled resource consumption in Series WAGO 750-3x/-8x products may allow an unauthenticated remote attacker to DoS the ... | 7.5 - HIGH | 2023-06-26 | 2023-07-06 |
| CVE-2022-45140 json | The configuration backend allows an unauthenticated user to write arbitrary data with root privileges to the storage, which c... | 9.8 - CRITICAL | 2023-02-27 | 2023-03-07 |
| CVE-2022-45139 json | A CORS Misconfiguration in the web-based management allows a malicious third party webserver to misuse all basic information ... | 5.3 - MEDIUM | 2023-02-27 | 2023-03-07 |
| CVE-2022-45138 json | The configuration backend of the web-based management can be used by unauthenticated users, although only authenticated users... | 9.8 - CRITICAL | 2023-02-27 | 2023-03-07 |
| CVE-2022-45137 json | The configuration backend of the web-based management is vulnerable to reflected XSS (Cross-Site Scripting) attacks that targ... | 6.1 - MEDIUM | 2023-02-27 | 2023-03-08 |
| CVE-2022-22511 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 5.4 - MEDIUM | 2022-03-09 | 2022-03-18 |
| CVE-2022-3843 json | In WAGO Unmanaged Switch (852-111/000-001) in firmware version 01 an undocumented configuration interface without authorizati... | 9.1 - CRITICAL | 2023-02-16 | 2023-11-07 |
| CVE-2022-3738 json | The vulnerability allows a remote unauthenticated attacker to download a backup file, if one exists. That backup file might c... | 5.9 - MEDIUM | 2023-01-19 | 2023-11-07 |
| CVE-2022-3281 json | WAGO Series PFC100/PFC200, Series Touch Panel 600, Compact Controller CC100 and Edge Controller in multiple versions are pron... | 7.5 - HIGH | 2022-10-17 | 2022-11-04 |
| CVE-2021-46388 json | ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: Reason: The issue is not a vulnerability (fails CNT2) - Has no imp... | Not Provided | 2022-02-16 | 2023-11-07 |
| CVE-2021-46380 json | ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: Reason: This is a duplicate to CVE-2022-22511 Notes: | Not Provided | 2022-03-04 | 2023-11-07 |
| CVE-2021-34581 json | Missing Release of Resource after Effective Lifetime vulnerability in OpenSSL implementation of WAGO 750-831/xxx-xxx, 750-880... | 7.5 - HIGH | 2021-08-31 | 2021-09-09 |
| CVE-2021-34578 json | This vulnerability allows an attacker who has access to the WBM to read and write settings-parameters of the device by sendin... | 8.1 - HIGH | 2021-08-31 | 2021-09-08 |
Known software with vulnerabilities from Wago
| Type | Vendor | Product | Version |
|---|---|---|---|
| Hardware | Wago | 750-362 | - |
| Operating System | Wago | 750-362 Firmware | fw03 |
| Hardware | Wago | 750-363 | - |
| Operating System | Wago | 750-363 Firmware | fw03 |
| Hardware | Wago | 750-823 | - |
| Operating System | Wago | 750-823 Firmware | fw03 |
| Operating System | Wago | 750-831 Firmware | fw07 |
| Hardware | Wago | 750-832 | - |
| Operating System | Wago | 750-832 Firmware | fw03 |
| Operating System | Wago | 750-852 Firmware | fw07 |
| Hardware | Wago | 750-862 | - |
| Operating System | Wago | 750-862 Firmware | fw03 |
| Operating System | Wago | 750-880 Firmware | fw07 |
| Operating System | Wago | 750-881 Firmware | fw07 |
| Operating System | Wago | 750-882 Firmware | fw07 |
| Operating System | Wago | 750-885 Firmware | fw07 |
| Operating System | Wago | 750-889 Firmware | fw07 |
| Hardware | Wago | 750-890 | - |
| Operating System | Wago | 750-890 Firmware | fw03 |
| Hardware | Wago | 750-891 | - |