Vulnerabilities (CVE)

Filtered by vendor Wago Subscribe
Filtered by product 750-8100 Firmware
Total 7 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-3281 1 Wago 156 750-8100, 750-8100 Firmware, 750-8101 and 153 more 2024-11-21 N/A 7.5 HIGH
WAGO Series PFC100/PFC200, Series Touch Panel 600, Compact Controller CC100 and Edge Controller in multiple versions are prone to a loss of MAC-Address-Filtering after reboot. This may allow an remote attacker to circumvent the reach the network that should be protected by the MAC address filter.
CVE-2022-22511 1 Wago 49 750-8100, 750-8100 Firmware, 750-8101 and 46 more 2024-11-21 3.5 LOW 5.4 MEDIUM
Various configuration pages of the device are vulnerable to reflected XSS (Cross-Site Scripting) attacks. An authorized attacker with user privileges may use this to gain access to confidential information on a PC that connects to the WBM after it has been compromised.
CVE-2021-34569 1 Wago 98 750-8100, 750-8100 Firmware, 750-8101 and 95 more 2024-11-21 N/A 9.8 CRITICAL
In WAGO I/O-Check Service in multiple products an attacker can send a specially crafted packet containing OS commands to crash the diagnostic tool and write memory.
CVE-2021-34568 1 Wago 98 750-8100, 750-8100 Firmware, 750-8101 and 95 more 2024-11-21 N/A 7.5 HIGH
In WAGO I/O-Check Service in multiple products an unauthenticated remote attacker can send a specially crafted packet containing OS commands to provoke a denial of service.
CVE-2021-34567 1 Wago 98 750-8100, 750-8100 Firmware, 750-8101 and 95 more 2024-11-21 N/A 8.2 HIGH
In WAGO I/O-Check Service in multiple products an unauthenticated remote attacker can send a specially crafted packet containing OS commands to provoke a denial of service and an limited out-of-bounds read.
CVE-2021-34566 1 Wago 98 750-8100, 750-8100 Firmware, 750-8101 and 95 more 2024-11-21 N/A 9.1 CRITICAL
In WAGO I/O-Check Service in multiple products an unauthenticated remote attacker can send a specially crafted packet containing OS commands to crash the iocheck process and write memory resulting in loss of integrity and DoS.
CVE-2020-12069 4 Codesys, Festo, Pilz and 1 more 114 Control For Beaglebone, Control For Empc-a\/imx6, Control For Iot2000 and 111 more 2024-11-21 N/A 7.8 HIGH
In CODESYS V3 products in all versions prior V3.5.16.0 containing the CmpUserMgr, the CODESYS Control runtime system stores the online communication passwords using a weak hashing algorithm. This can be used by a local attacker with low privileges to gain full control of the device.