What is the CVSS score of CVE-2026-2328?

CVE-2026-2328 has a CVSS 3.1 base score of 7.5 (High). CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N. EPSS exploitation probability: 0.0%.

CVE-2026-2328

EUVD-2026-17064 HIGH

Improper Filtering of Special Elements (CWE-790)

2026-03-30 CERTVDE

Path Traversal

7.5

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

None

Availability

None

Lifecycle Timeline

Analysis Updated

Apr 16, 2026 - 06:11 EUVD-patch-fix

executive_summary

Re-analysis Queued

Apr 16, 2026 - 05:29 backfill_euvd_patch

patch_released

Patch available

Apr 16, 2026 - 05:29 EUVD

1.2.2,2.4.2

EUVD ID Assigned

Mar 30, 2026 - 07:30 euvd

EUVD-2026-17064

Analysis Generated

Mar 30, 2026 - 07:30 vuln.today

CVE Published

Mar 30, 2026 - 06:55 nvd

HIGH 7.5

DescriptionNVD

An unauthenticated remote attacker can exploit insufficient input validation to access backend components beyond their intended scope via path traversal, resulting in exposure of sensitive information.

AnalysisAI

Path traversal in WAGO Device Sphere and Solution Builder allows unauthenticated remote attackers to access backend components and expose sensitive information. The vulnerability stems from insufficient input validation (CWE-790), enabling attackers to bypass intended access boundaries with low complexity over network vectors. …

RemediationAI

Within 24 hours: Identify all WAGO Device Sphere and Solution Builder installations in your environment and document current versions. Within 7 days: Contact WAGO for patch availability and version details; immediately apply vendor-released patch to all affected instances in non-production environments first. …

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

CVE-2026-2328 vulnerability details – vuln.today

Back

CVE-2026-2328

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

RemediationAI

Full analysis requires sign-in

Share

External POC / Exploit Code