CVEInsight.

Free vulnerability intelligence for developers, security teams, and researchers. Data sourced from public databases for informational purposes only.

Explore

Legal

CVE data sourced from NVD / NIST & public disclosures.

wago

750-363_firmware

4 known vulnerabilities · sorted by CVSS score

CVE-2021-34578

CRITICAL9.8

This vulnerability allows an attacker who has access to the WBM to read and write settings-parameters of the device by sending specifically constructed requests without authentication on multiple WAGO PLCs in firmware versions up to FW07.

wago / 750-890\/040-000_firmware+11

Network

Published Aug 31, 2021

CVE-2020-12506

CRITICAL9.1

Improper Authentication vulnerability in WAGO 750-8XX series with FW version <= FW03 allows an attacker to change the settings of the devices by sending specifically constructed requests without authentication This issue affects: WAGO 750-362, WAGO 750-363, WAGO 750-823, WAGO 750-832/xxx-xxx, WAGO 750-862, WAGO 750-891, WAGO 750-890/xxx-xxx in versions FW03 and prior versions.

wago / 750-362_firmware+6

Network

Published Sep 30, 2020

CVE-2023-1150

HIGH7.5

Uncontrolled resource consumption in Series WAGO 750-3x/-8x products may allow an unauthenticated remote attacker to DoS the MODBUS server with specially crafted packets.

wago / 750-363\/040-000_firmware+17

Network

Published Jun 26, 2023

CVE-2018-16210

MEDIUM6.1

WAGO 750-88X and WAGO 750-89X Ethernet Controller devices, versions 01.09.18(13) and before, have XSS in the SNMP configuration via the webserv/cplcfg/snmp.ssi SNMP_DESC or SNMP_LOC_SNMP_CONT field.

wago / 750-362_firmware+14

Network

Published Oct 12, 2018