Known Vulnerabilities for products from Wago
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Wago".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Additional devices specifications by Wago can be found at device.report : Wago
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2022-22511 | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 5.4 - MEDIUM | 2022-03-09 | 2022-03-18 |
| CVE-2021-34581 | Missing Release of Resource after Effective Lifetime vulnerability in OpenSSL implementation of WAGO 750-831/xxx-xxx, 750-880... | 7.5 - HIGH | 2021-08-31 | 2021-09-09 |
| CVE-2021-34578 | This vulnerability allows an attacker who has access to the WBM to read and write settings-parameters of the device by sendin... | 8.1 - HIGH | 2021-08-31 | 2021-09-08 |
| CVE-2021-34569 | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 9.8 - CRITICAL | 2022-11-09 | 2023-11-07 |
| CVE-2021-34568 | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 7.5 - HIGH | 2022-11-09 | 2023-11-07 |
| CVE-2021-34567 | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 8.2 - HIGH | 2022-11-09 | 2023-11-07 |
| CVE-2021-34566 | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 9.1 - CRITICAL | 2022-11-09 | 2023-11-07 |
| CVE-2021-21001 | On WAGO PFC200 devices in different firmware versions with special crafted packets an authorised attacker with network access... | 6.5 - MEDIUM | 2021-05-24 | 2021-05-28 |
| CVE-2021-21000 | On WAGO PFC200 devices in different firmware versions with special crafted packets an attacker with network access to the dev... | 7.5 - HIGH | 2021-05-24 | 2021-05-28 |
| CVE-2021-20998 | In multiple managed switches by WAGO in different versions without authorization and with specially crafted packets it is pos... | 9.8 - CRITICAL | 2021-05-13 | 2021-05-20 |
| CVE-2021-20997 | In multiple managed switches by WAGO in different versions it is possible to read out the password hashes of all Web-based Ma... | 7.5 - HIGH | 2021-05-13 | 2021-05-20 |
| CVE-2021-20996 | In multiple managed switches by WAGO in different versions special crafted requests can lead to cookies being transferred to ... | 5.3 - MEDIUM | 2021-05-13 | 2021-05-20 |
| CVE-2021-20995 | In multiple managed switches by WAGO in different versions the webserver cookies of the web based UI contain user credentials... | 7.5 - HIGH | 2021-05-13 | 2021-05-20 |
| CVE-2021-20994 | In multiple managed switches by WAGO in different versions an attacker may trick a legitimate user to click a link to inject ... | 6.1 - MEDIUM | 2021-05-13 | 2021-05-20 |
| CVE-2021-20993 | In multiple managed switches by WAGO in different versions the activated directory listing provides an attacker with the inde... | 5.3 - MEDIUM | 2021-05-13 | 2021-05-20 |
| CVE-2020-12525 | M&M Software fdtCONTAINER Component in versions below 3.5.20304.x and between 3.6 and 3.6.20304.x is vulnerable to deserializ... | 7.8 - HIGH | 2021-01-22 | 2022-02-10 |
| CVE-2020-12522 | The reported vulnerability allows an attacker who has network access to the device to execute code with specially crafted pac... | 9.8 - CRITICAL | 2020-12-17 | 2020-12-23 |
| CVE-2020-12516 | Older firmware versions (FW1 up to FW10) of the WAGO PLC family 750-88x and 750-352 are vulnerable for a special denial of se... | 7.5 - HIGH | 2020-12-10 | 2022-10-08 |
| CVE-2020-12506 | Improper Authentication vulnerability in WAGO 750-8XX series with FW version <= FW03 allows an attacker to change the setting... | 9.1 - CRITICAL | 2020-09-30 | 2021-11-17 |
| CVE-2020-12505 | Improper Authentication vulnerability in WAGO 750-8XX series with FW version <= FW07 allows an attacker to change some specia... | 8.2 - HIGH | 2020-09-30 | 2021-11-17 |
Known software with vulnerabilities from Wago
| Type | Vendor | Product | Version |
|---|---|---|---|
| Hardware | Wago | 750-362 | - |
| Operating System | Wago | 750-362 Firmware | fw03 |
| Hardware | Wago | 750-363 | - |
| Operating System | Wago | 750-363 Firmware | fw03 |
| Hardware | Wago | 750-823 | - |
| Operating System | Wago | 750-823 Firmware | fw03 |
| Operating System | Wago | 750-831 Firmware | fw07 |
| Hardware | Wago | 750-832 | - |
| Operating System | Wago | 750-832 Firmware | fw03 |
| Operating System | Wago | 750-852 Firmware | fw07 |
| Hardware | Wago | 750-862 | - |
| Operating System | Wago | 750-862 Firmware | fw03 |
| Operating System | Wago | 750-880 Firmware | fw07 |
| Operating System | Wago | 750-881 Firmware | fw07 |
| Operating System | Wago | 750-882 Firmware | fw07 |
| Operating System | Wago | 750-885 Firmware | fw07 |
| Operating System | Wago | 750-889 Firmware | fw07 |
| Hardware | Wago | 750-890 | - |
| Operating System | Wago | 750-890 Firmware | fw03 |
| Hardware | Wago | 750-891 | - |