Wago Touch Panel 600 Marine Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Wago Touch Panel 600 Marine Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (9)
CVE-2020-12522 — CVSS 10.0 (critical): The reported vulnerability allows an attacker who has network access to the device to execute code with specially crafted packets in WAGO…
CVE-2023-1698 — CVSS 9.8 (critical): In multiple products of WAGO a vulnerability allows an unauthenticated, remote attacker to create new users and change the device…
CVE-2022-45138 — CVSS 9.8 (critical): The configuration backend of the web-based management can be used by unauthenticated users, although only authenticated users should be…
CVE-2022-45140 — CVSS 9.8 (critical): The configuration backend allows an unauthenticated user to write arbitrary data with root privileges to the storage, which could lead to…
CVE-2022-45137 — CVSS 6.1 (medium): The configuration backend of the web-based management is vulnerable to reflected XSS (Cross-Site Scripting) attacks that targets the users…
CVE-2022-3738 — CVSS 5.9 (medium): The vulnerability allows a remote unauthenticated attacker to download a backup file, if one exists. That backup file might contain…
CVE-2022-45139 — CVSS 5.3 (medium): A CORS Misconfiguration in the web-based management allows a malicious third party webserver to misuse all basic information pages on the…
CVE-2023-3379 — CVSS 5.3 (medium): Wago web-based management of multiple products has a vulnerability which allows an local authenticated attacker to change the passwords of…
CVE-2023-4089 — CVSS 2.7 (low): On affected Wago products an remote attacker with administrative privileges can access files to which he has already access to through an…