Skip to main content

750 362 Firmware

4 CVEs product

Monthly

CVE-2023-1150 HIGH This Week

Uncontrolled resource consumption in Series WAGO 750-3x/-8x products may allow an unauthenticated remote attacker to DoS the MODBUS server with specially crafted packets. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure 750 363 040 000 Firmware 750 362 040 000 Firmware 750 362 000 001 Firmware 750 891 Firmware +14
NVD
CVSS 3.1
7.5
EPSS
0.9%
CVE-2021-34578 HIGH This Week

This vulnerability allows an attacker who has access to the WBM to read and write settings-parameters of the device by sending specifically constructed requests without authentication on multiple. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Authentication Bypass 750 890 040 000 Firmware 750 890 025 001 Firmware 750 890 025 002 Firmware 750 890 025 000 Firmware +8
NVD
CVSS 3.1
8.1
EPSS
1.0%
CVE-2020-12506 CRITICAL Act Now

Improper Authentication vulnerability in WAGO 750-8XX series with FW version <= FW03 allows an attacker to change the settings of the devices by sending specifically constructed requests without. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass 750 362 Firmware 750 363 Firmware 750 823 Firmware 750 832 Firmware +3
NVD
CVSS 3.1
9.1
EPSS
1.5%
CVE-2018-16210 MEDIUM POC This Month

WAGO 750-88X and WAGO 750-89X Ethernet Controller devices, versions 01.09.18(13) and before, have XSS in the SNMP configuration via the webserv/cplcfg/snmp.ssi SNMP_DESC or SNMP_LOC_SNMP_CONT field. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS 750 362 Firmware 750 363 Firmware 750 823 Firmware 750 832 Firmware +10
NVD Exploit-DB
CVSS 3.1
6.1
EPSS
1.0%
EPSS 1% CVSS 7.5
HIGH This Week

Uncontrolled resource consumption in Series WAGO 750-3x/-8x products may allow an unauthenticated remote attacker to DoS the MODBUS server with specially crafted packets. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure 750 363 040 000 Firmware 750 362 040 000 Firmware +16
NVD
EPSS 1% CVSS 8.1
HIGH This Week

This vulnerability allows an attacker who has access to the WBM to read and write settings-parameters of the device by sending specifically constructed requests without authentication on multiple. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Authentication Bypass 750 890 040 000 Firmware 750 890 025 001 Firmware +10
NVD
EPSS 1% CVSS 9.1
CRITICAL Act Now

Improper Authentication vulnerability in WAGO 750-8XX series with FW version <= FW03 allows an attacker to change the settings of the devices by sending specifically constructed requests without. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass 750 362 Firmware 750 363 Firmware +5
NVD
EPSS 1% CVSS 6.1
MEDIUM POC This Month

WAGO 750-88X and WAGO 750-89X Ethernet Controller devices, versions 01.09.18(13) and before, have XSS in the SNMP configuration via the webserv/cplcfg/snmp.ssi SNMP_DESC or SNMP_LOC_SNMP_CONT field. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS 750 362 Firmware 750 363 Firmware +12
NVD Exploit-DB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy