Vulnerabilities (CVE)

Filtered by vendor Wago Subscribe
Filtered by product 0852-1305
Total 6 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-20998 1 Wago 10 0852-0303, 0852-0303 Firmware, 0852-1305 and 7 more 2024-11-21 7.5 HIGH 10.0 CRITICAL
In multiple managed switches by WAGO in different versions without authorization and with specially crafted packets it is possible to create users.
CVE-2021-20997 1 Wago 10 0852-0303, 0852-0303 Firmware, 0852-1305 and 7 more 2024-11-21 5.0 MEDIUM 7.5 HIGH
In multiple managed switches by WAGO in different versions it is possible to read out the password hashes of all Web-based Management users.
CVE-2021-20996 1 Wago 10 0852-0303, 0852-0303 Firmware, 0852-1305 and 7 more 2024-11-21 5.0 MEDIUM 5.3 MEDIUM
In multiple managed switches by WAGO in different versions special crafted requests can lead to cookies being transferred to third parties.
CVE-2021-20995 1 Wago 10 0852-0303, 0852-0303 Firmware, 0852-1305 and 7 more 2024-11-21 5.0 MEDIUM 5.3 MEDIUM
In multiple managed switches by WAGO in different versions the webserver cookies of the web based UI contain user credentials.
CVE-2021-20994 1 Wago 10 0852-0303, 0852-0303 Firmware, 0852-1305 and 7 more 2024-11-21 4.3 MEDIUM 8.8 HIGH
In multiple managed switches by WAGO in different versions an attacker may trick a legitimate user to click a link to inject possible malicious code into the Web-Based Management.
CVE-2021-20993 1 Wago 10 0852-0303, 0852-0303 Firmware, 0852-1305 and 7 more 2024-11-21 5.0 MEDIUM 5.3 MEDIUM
In multiple managed switches by WAGO in different versions the activated directory listing provides an attacker with the index of the resources located inside the directory.