Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Wago Subscribe
Filtered by product 0852-0303
Total 6 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-20994 1 Wago 10 0852-0303, 0852-0303 Firmware, 0852-1305 and 7 more 2021-05-20 4.3 MEDIUM 6.1 MEDIUM
In multiple managed switches by WAGO in different versions an attacker may trick a legitimate user to click a link to inject possible malicious code into the Web-Based Management.
CVE-2021-20995 1 Wago 10 0852-0303, 0852-0303 Firmware, 0852-1305 and 7 more 2021-05-20 5.0 MEDIUM 7.5 HIGH
In multiple managed switches by WAGO in different versions the webserver cookies of the web based UI contain user credentials.
CVE-2021-20996 1 Wago 10 0852-0303, 0852-0303 Firmware, 0852-1305 and 7 more 2021-05-20 5.0 MEDIUM 5.3 MEDIUM
In multiple managed switches by WAGO in different versions special crafted requests can lead to cookies being transferred to third parties.
CVE-2021-20997 1 Wago 10 0852-0303, 0852-0303 Firmware, 0852-1305 and 7 more 2021-05-20 5.0 MEDIUM 7.5 HIGH
In multiple managed switches by WAGO in different versions it is possible to read out the password hashes of all Web-based Management users.
CVE-2021-20998 1 Wago 10 0852-0303, 0852-0303 Firmware, 0852-1305 and 7 more 2021-05-20 7.5 HIGH 9.8 CRITICAL
In multiple managed switches by WAGO in different versions without authorization and with specially crafted packets it is possible to create users.
CVE-2021-20993 1 Wago 10 0852-0303, 0852-0303 Firmware, 0852-1305 and 7 more 2021-05-20 5.0 MEDIUM 5.3 MEDIUM
In multiple managed switches by WAGO in different versions the activated directory listing provides an attacker with the index of the resources located inside the directory.