A CORS Misconfiguration in the web-based management allows a malicious third party webserver to misuse all basic information pages on the webserver. In combination with CVE-2022-45138 this could lead to disclosure of device information like CPU diagnostics. As there is just a limited amount of information readable the impact only affects a small subset of confidentiality.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
wago 751-9301_firmware |
||
wago 751-9301_firmware 22 |
||
wago 751-9301_firmware 23 |
||
wago 752-8303\\/8000-002_firmware |
||
wago 752-8303\\/8000-002_firmware 22 |
||
wago 752-8303\\/8000-002_firmware 23 |
||
wago pfc100_firmware |
||
wago pfc100_firmware 22 |
||
wago pfc100_firmware 23 |
||
wago pfc200_firmware |
||
wago pfc200_firmware 22 |
||
wago pfc200_firmware 23 |
||
wago touch_panel_600_advanced_firmware |
||
wago touch_panel_600_advanced_firmware 22 |
||
wago touch_panel_600_advanced_firmware 23 |
||
wago touch_panel_600_marine_firmware |
||
wago touch_panel_600_marine_firmware 22 |
||
wago touch_panel_600_marine_firmware 23 |
||
wago touch_panel_600_standard_firmware |
||
wago touch_panel_600_standard_firmware 22 |
||
wago touch_panel_600_standard_firmware 23 |
Vulmon