Skip to main content

Touch Panel 600 Standard Firmware

4 CVEs product

Monthly

CVE-2023-3379 MEDIUM This Month

Wago web-based management of multiple products has a vulnerability which allows an local authenticated attacker to change the passwords of other non-admin users and thus to escalate non-root. Rated medium severity (CVSS 5.3), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Compact Controller 100 Firmware Edge Controller Firmware Pfc100 Firmware Pfc200 Firmware +3
NVD
CVSS 3.1
5.3
EPSS
0.2%
CVE-2023-4089 LOW Monitor

On affected Wago products an remote attacker with administrative privileges can access files to which he has already access to through an undocumented local file inclusion. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Compact Controller 100 Firmware Edge Controller Firmware Pfc100 Firmware Pfc200 Firmware +3
NVD
CVSS 3.1
2.7
EPSS
0.5%
CVE-2023-1698 CRITICAL POC THREAT Act Now

In multiple products of WAGO a vulnerability allows an unauthenticated, remote attacker to create new users and change the device configuration which can result in unintended behaviour, Denial of. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Command Injection Compact Controller 100 Firmware Edge Controller Firmware Pfc100 Firmware +4
NVD
CVSS 3.1
9.8
EPSS
82.0%
CVE-2020-12522 CRITICAL Act Now

The reported vulnerability allows an attacker who has network access to the device to execute code with specially crafted packets in WAGO Series PFC 100 (750-81xx/xxx-xxx), Series PFC 200. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Command Injection Pfc 100 Firmware Pfc 200 Firmware Touch Panel 600 Standard Firmware Touch Panel 600 Advanced Firmware +1
NVD
CVSS 3.1
9.8
EPSS
2.9%
EPSS 0% CVSS 5.3
MEDIUM This Month

Wago web-based management of multiple products has a vulnerability which allows an local authenticated attacker to change the passwords of other non-admin users and thus to escalate non-root. Rated medium severity (CVSS 5.3), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Compact Controller 100 Firmware Edge Controller Firmware +5
NVD
EPSS 0% CVSS 2.7
LOW Monitor

On affected Wago products an remote attacker with administrative privileges can access files to which he has already access to through an undocumented local file inclusion. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Compact Controller 100 Firmware Edge Controller Firmware +5
NVD
EPSS 82% CVSS 9.8
CRITICAL POC THREAT Act Now

In multiple products of WAGO a vulnerability allows an unauthenticated, remote attacker to create new users and change the device configuration which can result in unintended behaviour, Denial of. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Command Injection Compact Controller 100 Firmware +6
NVD
EPSS 3% CVSS 9.8
CRITICAL Act Now

The reported vulnerability allows an attacker who has network access to the device to execute code with specially crafted packets in WAGO Series PFC 100 (750-81xx/xxx-xxx), Series PFC 200. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Command Injection Pfc 100 Firmware Pfc 200 Firmware +3
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy