A CORS Misconfiguration in the web-based management allows a malicious third party webserver to misuse all basic information pages on the webserver. In combination with CVE-2022-45138 this could lead to disclosure of device information like CPU diagnostics. As there is just a limited amount of information readable the impact only affects a small subset of confidentiality.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
wago 751-9301 firmware |
||
wago 751-9301 firmware 22 |
||
wago 751-9301 firmware 23 |
||
wago 752-8303/8000-002 firmware |
||
wago 752-8303/8000-002 firmware 22 |
||
wago 752-8303/8000-002 firmware 23 |
||
wago pfc100 firmware |
||
wago pfc100 firmware 22 |
||
wago pfc100 firmware 23 |
||
wago pfc200 firmware |
||
wago pfc200 firmware 22 |
||
wago pfc200 firmware 23 |
||
wago touch panel 600 advanced firmware |
||
wago touch panel 600 advanced firmware 22 |
||
wago touch panel 600 advanced firmware 23 |
||
wago touch panel 600 marine firmware |
||
wago touch panel 600 marine firmware 22 |
||
wago touch panel 600 marine firmware 23 |
||
wago touch panel 600 standard firmware |
||
wago touch panel 600 standard firmware 22 |
||
wago touch panel 600 standard firmware 23 |
Vulmon