Skip to main content

Pfc200 Firmware

6 CVEs product

Monthly

CVE-2023-3379 MEDIUM This Month

Wago web-based management of multiple products has a vulnerability which allows an local authenticated attacker to change the passwords of other non-admin users and thus to escalate non-root. Rated medium severity (CVSS 5.3), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Compact Controller 100 Firmware Edge Controller Firmware Pfc100 Firmware Pfc200 Firmware +3
NVD
CVSS 3.1
5.3
EPSS
0.2%
CVE-2023-4089 LOW Monitor

On affected Wago products an remote attacker with administrative privileges can access files to which he has already access to through an undocumented local file inclusion. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Compact Controller 100 Firmware Edge Controller Firmware Pfc100 Firmware Pfc200 Firmware +3
NVD
CVSS 3.1
2.7
EPSS
0.5%
CVE-2023-1698 CRITICAL POC THREAT Act Now

In multiple products of WAGO a vulnerability allows an unauthenticated, remote attacker to create new users and change the device configuration which can result in unintended behaviour, Denial of. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Command Injection Compact Controller 100 Firmware Edge Controller Firmware Pfc100 Firmware +4
NVD
CVSS 3.1
9.8
EPSS
82.0%
CVE-2020-6090 HIGH This Week

An exploitable code execution vulnerability exists in the Web-Based Management (WBM) functionality of WAGO PFC 200 03.03.10(15). Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Pfc200 Firmware
NVD
CVSS 3.1
7.2
EPSS
2.1%
CVE-2018-5459 CRITICAL Act Now

An Improper Authentication issue was discovered in WAGO PFC200 Series 3S CoDeSys Runtime versions 2.3.X and 2.4.X. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Pfc200 Firmware
NVD
CVSS 3.0
9.8
EPSS
2.7%
CVE-2016-9362 CRITICAL Act Now

An issue was discovered in WAGO 750-8202/PFC200 prior to FW04 (released August 2015), WAGO 750-881 prior to FW09 (released August 2016), and WAGO 0758-0874-0000-0111. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Pfc200 Firmware 750 Xxxx Series Firmware 758 Xxxx Series Firmware
NVD
CVSS 3.0
9.1
EPSS
0.4%
EPSS 0% CVSS 5.3
MEDIUM This Month

Wago web-based management of multiple products has a vulnerability which allows an local authenticated attacker to change the passwords of other non-admin users and thus to escalate non-root. Rated medium severity (CVSS 5.3), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Compact Controller 100 Firmware Edge Controller Firmware +5
NVD
EPSS 0% CVSS 2.7
LOW Monitor

On affected Wago products an remote attacker with administrative privileges can access files to which he has already access to through an undocumented local file inclusion. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Compact Controller 100 Firmware Edge Controller Firmware +5
NVD
EPSS 82% CVSS 9.8
CRITICAL POC THREAT Act Now

In multiple products of WAGO a vulnerability allows an unauthenticated, remote attacker to create new users and change the device configuration which can result in unintended behaviour, Denial of. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Command Injection Compact Controller 100 Firmware +6
NVD
EPSS 2% CVSS 7.2
HIGH This Week

An exploitable code execution vulnerability exists in the Web-Based Management (WBM) functionality of WAGO PFC 200 03.03.10(15). Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Pfc200 Firmware
NVD
EPSS 3% CVSS 9.8
CRITICAL Act Now

An Improper Authentication issue was discovered in WAGO PFC200 Series 3S CoDeSys Runtime versions 2.3.X and 2.4.X. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Pfc200 Firmware
NVD
EPSS 0% CVSS 9.1
CRITICAL Act Now

An issue was discovered in WAGO 750-8202/PFC200 prior to FW04 (released August 2015), WAGO 750-881 prior to FW09 (released August 2016), and WAGO 0758-0874-0000-0111. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Pfc200 Firmware 750 Xxxx Series Firmware +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy