Wago

0852-1305 Firmware

6 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2021-20995

  • EPSS 0.13%
  • Published 13.05.2021 14:15:18
  • Last modified 21.11.2024 05:47:21

In multiple managed switches by WAGO in different versions the webserver cookies of the web based UI contain user credentials.

5.3

CVE-2021-20996

  • EPSS 0.21%
  • Published 13.05.2021 14:15:18
  • Last modified 21.11.2024 05:47:22

In multiple managed switches by WAGO in different versions special crafted requests can lead to cookies being transferred to third parties.

7.5

CVE-2021-20997

  • EPSS 0.25%
  • Published 13.05.2021 14:15:18
  • Last modified 21.11.2024 05:47:22

In multiple managed switches by WAGO in different versions it is possible to read out the password hashes of all Web-based Management users.

9.8

CVE-2021-20998

  • EPSS 0.14%
  • Published 13.05.2021 14:15:18
  • Last modified 21.11.2024 05:47:22

In multiple managed switches by WAGO in different versions without authorization and with specially crafted packets it is possible to create users.

5.3

CVE-2021-20993

  • EPSS 0.23%
  • Published 13.05.2021 14:15:17
  • Last modified 21.11.2024 05:47:21

In multiple managed switches by WAGO in different versions the activated directory listing provides an attacker with the index of the resources located inside the directory.

6.1

CVE-2021-20994

  • EPSS 0.39%
  • Published 13.05.2021 14:15:17
  • Last modified 21.11.2024 05:47:21

In multiple managed switches by WAGO in different versions an attacker may trick a legitimate user to click a link to inject possible malicious code into the Web-Based Management.