Note:
This project will be discontinued after December 13, 2021. [more]
Product:
750\-362_firmware
(Wago)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 4 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2018-10-12 | CVE-2018-16210 | WAGO 750-88X and WAGO 750-89X Ethernet Controller devices, versions 01.09.18(13) and before, have XSS in the SNMP configuration via the webserv/cplcfg/snmp.ssi SNMP_DESC or SNMP_LOC_SNMP_CONT field. | 750\-352_firmware, 750\-362_firmware, 750\-363_firmware, 750\-823_firmware, 750\-831_firmware, 750\-832_firmware, 750\-852_firmware, 750\-862_firmware, 750\-880_firmware, 750\-881_firmware, 750\-889_firmware, 750\-890_firmware, 750\-891_firmware, Wago_750\-881_ethernet_controller_devices_firmware | 6.1 | ||
| 2021-08-31 | CVE-2021-34578 | This vulnerability allows an attacker who has access to the WBM to read and write settings-parameters of the device by sending specifically constructed requests without authentication on multiple WAGO PLCs in firmware versions up to FW07. | 750\-362_firmware, 750\-363_firmware, 750\-823_firmware, 750\-832\/000\-002_firmware, 750\-832_firmware, 750\-862_firmware, 750\-890\/025\-000_firmware, 750\-890\/025\-001_firmware, 750\-890\/025\-002_firmware, 750\-890\/040\-000_firmware, 750\-891_firmware, 750\-893_firmware | 8.1 | ||
| 2023-06-26 | CVE-2023-1150 | Uncontrolled resource consumption in Series WAGO 750-3x/-8x products may allow an unauthenticated remote attacker to DoS the MODBUS server with specially crafted packets. | 750\-362\/000\-001_firmware, 750\-362\/040\-000_firmware, 750\-362_firmware, 750\-363\/040\-000_firmware, 750\-363_firmware, 750\-364\/040\-010_firmware, 750\-365\/040\-010_firmware, 750\-823_firmware, 750\-832\/000\-002_firmware, 750\-832_firmware, 750\-862_firmware, 750\-890\/025\-000_firmware, 750\-890\/025\-001_firmware, 750\-890\/025\-002_firmware, 750\-890\/040\-000_firmware, 750\-890_firmware, 750\-891_firmware, 750\-893_firmware | N/A | ||
| 2020-09-30 | CVE-2020-12506 | Improper Authentication vulnerability in WAGO 750-8XX series with FW version <= FW03 allows an attacker to change the settings of the devices by sending specifically constructed requests without authentication This issue affects: WAGO 750-362, WAGO 750-363, WAGO 750-823, WAGO 750-832/xxx-xxx, WAGO 750-862, WAGO 750-891, WAGO 750-890/xxx-xxx in versions FW03 and prior versions. | 750\-362_firmware, 750\-363_firmware, 750\-823_firmware, 750\-832_firmware, 750\-862_firmware, 750\-890_firmware, 750\-891_firmware | 9.1 |