Wago 751-9301 Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Wago 751-9301 Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (6)
CVE-2022-45138 — CVSS 9.8 (critical): The configuration backend of the web-based management can be used by unauthenticated users, although only authenticated users should be…
CVE-2022-45140 — CVSS 9.8 (critical): The configuration backend allows an unauthenticated user to write arbitrary data with root privileges to the storage, which could lead to…
CVE-2022-3281 — CVSS 7.5 (high): WAGO Series PFC100/PFC200, Series Touch Panel 600, Compact Controller CC100 and Edge Controller in multiple versions are prone to a loss of…
CVE-2022-45137 — CVSS 6.1 (medium): The configuration backend of the web-based management is vulnerable to reflected XSS (Cross-Site Scripting) attacks that targets the users…
CVE-2022-22511 — CVSS 5.4 (medium): Various configuration pages of the device are vulnerable to reflected XSS (Cross-Site Scripting) attacks. An authorized attacker with user…
CVE-2022-45139 — CVSS 5.3 (medium): A CORS Misconfiguration in the web-based management allows a malicious third party webserver to misuse all basic information pages on the…