Search
Search Results (4 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-1490 | 1 Wago | 13 Cc100 (0751-9x01), Edge Controller (0752-8303-8000-0002), Pfc100 G1 (0750-810-xxxx-xxxx) and 10 more | 2026-04-10 | 7.2 High |
| An authenticated remote attacker with high privileges can exploit the OpenVPN configuration via the web-based management interface of a WAGO PLC. If user-defined scripts are permitted, OpenVPN may allow the execution of arbitrary shell commands enabling the attacker to run arbitrary commands on the device. | ||||
| CVE-2025-41713 | 1 Wago | 1 Cc100 | 2025-09-17 | 6.5 Medium |
| During a short time frame while the device is booting an unauthenticated remote attacker can send traffic to unauthorized networks due to the switch operating in an undefined state until a CPU-induced reset allows proper configuration. | ||||
| CVE-2024-41967 | 1 Wago | 5 Cc100, Edge Controller, Pfc100 and 2 more | 2025-08-27 | 8.1 High |
| A low privileged remote attacker may modify the boot mode configuration setup of the device, leading to modification of the firmware upgrade process or a denial-of-service attack. | ||||
| CVE-2022-3738 | 1 Wago | 14 Cc100, Cc100 Firmware, Edge Controller and 11 more | 2025-04-02 | 5.9 Medium |
| The vulnerability allows a remote unauthenticated attacker to download a backup file, if one exists. That backup file might contain sensitive information like credentials and cryptographic material. A valid user has to create a backup after the last reboot for this attack to be successfull. | ||||
Page 1 of 1.