The configuration backend allows an unauthenticated user to write arbitrary data with root privileges to the storage, which could lead to unauthenticated remote code execution and full system compromise.
oryginał ENCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HWago 751 9301
HWWagowszystkie wersjeWago 751 9301 Firmware
OSWago222316 – 22 (bez)Wago 752 8303\/8000 002
HWWagowszystkie wersjeWago 752 8303\/8000 002 Firmware
OSWago222318 – 22 (bez)Wago Pfc100
HWWagowszystkie wersjeWago Pfc100 Firmware
OSWago222316 – 22 (bez)Wago Pfc200
HWWagowszystkie wersjeWago Pfc200 Firmware
OSWago222316 – 22 (bez)Wago Touch Panel 600 Advanced
HWWagowszystkie wersjeWago Touch Panel 600 Advanced Firmware
OSWago222316 – 22 (bez)Wago Touch Panel 600 Marine
HWWagowszystkie wersjeWago Touch Panel 600 Marine Firmware
OSWago222316 – 22 (bez)Wago Touch Panel 600 Standard
HWWagowszystkie wersjeWago Touch Panel 600 Standard Firmware
OSWago222316 – 22 (bez)
Powiązane podatności
In multiple products of WAGO a vulnerability allows an unauthenticated, remote attacker to create new users an...
The configuration backend of the web-based management can be used by unauthenticated users, although only auth...
In WAGO I/O-Check Service in multiple products an unauthenticated remote attacker can send a specially crafted...
In WAGO I/O-Check Service in multiple products an attacker can send a specially crafted packet containing OS c...
The reported vulnerability allows an attacker who has network access to the device to execute code with specia...