CVE-2021-34584 — CVSS 9.1 (critical): Crafted web server requests can be utilised to read partial stack or heap memory or may trigger a denial-of- service condition due to a…
CVE-2021-21001 — CVSS 9.1 (critical): On WAGO PFC200 devices in different firmware versions with special crafted packets an authorised attacker with network access to the device…
CVE-2021-34595 — CVSS 8.1 (high): A crafted request with invalid offsets may cause an out-of-bounds read or write access in CODESYS V2 Runtime Toolkit 32 Bit full and…
CVE-2021-34585 — CVSS 7.5 (high): In the CODESYS V2 web server prior to V1.1.9.22 crafted web server requests can trigger a parser error. Since the parser result is not…
CVE-2020-12516 — CVSS 7.5 (high): Older firmware versions (FW1 up to FW10) of the WAGO PLC family 750-88x and 750-352 are vulnerable for a special denial of service attack.
CVE-2021-30191 — CVSS 7.5 (high): CODESYS V2 Web-Server before 1.1.9.20 has a a Buffer Copy without Checking the Size of the Input.
CVE-2021-34583 — CVSS 7.5 (high): Crafted web server requests may cause a heap-based buffer overflow and could therefore trigger a denial-of- service condition due to a…
CVE-2021-34586 — CVSS 7.5 (high): In the CODESYS V2 web server prior to V1.1.9.22 crafted web server requests may cause a Null pointer dereference in the CODESYS web server…
CVE-2021-34596 — CVSS 6.5 (medium): A crafted request may cause a read access to an uninitialized pointer in CODESYS V2 Runtime Toolkit 32 Bit full and PLCWinNT prior to…
CVE-2018-8836 — CVSS 5.3 (medium): Wago 750 Series PLCs with firmware version 10 and prior include a remote attack may take advantage of an improper implementation of the 3…
CVE-2021-21000 — CVSS 5.3 (medium): On WAGO PFC200 devices in different firmware versions with special crafted packets an attacker with network access to the device could…
CVE-2021-30187 — CVSS 5.3 (medium): CODESYS V2 runtime system SP before 2.4.7.55 has Improper Neutralization of Special Elements used in an OS Command.
CVE-2023-1619 — CVSS 4.9 (medium): Multiple WAGO devices in multiple versions may allow an authenticated remote attacker with high privileges to DoS the device by sending a…
CVE-2023-1620 — CVSS 4.9 (medium): Multiple WAGO devices in multiple versions may allow an authenticated remote attacker with high privileges to DoS the device by sending a…