The configuration backend of the web-based management can be used by unauthenticated users, although only authenticated users should be able to use the API. The vulnerability allows an unauthenticated malicious user to read and set several device parameters that can lead to full compromise of the device.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
wago 751-9301_firmware |
||
wago 751-9301_firmware 22 |
||
wago 751-9301_firmware 23 |
||
wago 752-8303\\/8000-002_firmware |
||
wago 752-8303\\/8000-002_firmware 22 |
||
wago 752-8303\\/8000-002_firmware 23 |
||
wago pfc100_firmware |
||
wago pfc100_firmware 22 |
||
wago pfc100_firmware 23 |
||
wago pfc200_firmware |
||
wago pfc200_firmware 22 |
||
wago pfc200_firmware 23 |
||
wago touch_panel_600_advanced_firmware |
||
wago touch_panel_600_advanced_firmware 22 |
||
wago touch_panel_600_advanced_firmware 23 |
||
wago touch_panel_600_marine_firmware |
||
wago touch_panel_600_marine_firmware 22 |
||
wago touch_panel_600_marine_firmware 23 |
||
wago touch_panel_600_standard_firmware |
||
wago touch_panel_600_standard_firmware 22 |
||
wago touch_panel_600_standard_firmware 23 |
Vulmon