Skip to main content

Pfc100 Firmware

3 CVEs product

Monthly

CVE-2023-3379 MEDIUM This Month

Wago web-based management of multiple products has a vulnerability which allows an local authenticated attacker to change the passwords of other non-admin users and thus to escalate non-root. Rated medium severity (CVSS 5.3), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Compact Controller 100 Firmware Edge Controller Firmware Pfc100 Firmware Pfc200 Firmware +3
NVD
CVSS 3.1
5.3
EPSS
0.2%
CVE-2023-4089 LOW Monitor

On affected Wago products an remote attacker with administrative privileges can access files to which he has already access to through an undocumented local file inclusion. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Compact Controller 100 Firmware Edge Controller Firmware Pfc100 Firmware Pfc200 Firmware +3
NVD
CVSS 3.1
2.7
EPSS
0.5%
CVE-2023-1698 CRITICAL POC THREAT Act Now

In multiple products of WAGO a vulnerability allows an unauthenticated, remote attacker to create new users and change the device configuration which can result in unintended behaviour, Denial of. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Command Injection Compact Controller 100 Firmware Edge Controller Firmware Pfc100 Firmware +4
NVD
CVSS 3.1
9.8
EPSS
82.0%
EPSS 0% CVSS 5.3
MEDIUM This Month

Wago web-based management of multiple products has a vulnerability which allows an local authenticated attacker to change the passwords of other non-admin users and thus to escalate non-root. Rated medium severity (CVSS 5.3), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Compact Controller 100 Firmware Edge Controller Firmware +5
NVD
EPSS 0% CVSS 2.7
LOW Monitor

On affected Wago products an remote attacker with administrative privileges can access files to which he has already access to through an undocumented local file inclusion. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Compact Controller 100 Firmware Edge Controller Firmware +5
NVD
EPSS 82% CVSS 9.8
CRITICAL POC THREAT Act Now

In multiple products of WAGO a vulnerability allows an unauthenticated, remote attacker to create new users and change the device configuration which can result in unintended behaviour, Denial of. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Command Injection Compact Controller 100 Firmware +6
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy