WAGO PFC200 Firmware

CPE Details

WAGO PFC200 Firmware
wago
pfc200_firmware
-
2017-03-14
22h33 +00:00
2021-05-20
13h31 +00:00
CPE NVD
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:o:wago:pfc200_firmware:-:*:*:*:*:*:*:*

Informations

Vendor

wago

Product

pfc200_firmware

Version

-

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2023-3379 2023-11-20 07h23 +00:00 Wago web-based management of multiple products has a vulnerability which allows an local authenticated attacker to change the passwords of other non-admin users and thus to escalate non-root privileges.
5.3
Moyen
CVE-2018-5459 2018-02-13 20h00 +00:00 An Improper Authentication issue was discovered in WAGO PFC200 Series 3S CoDeSys Runtime versions 2.3.X and 2.4.X. An attacker can execute different unauthenticated remote operations because of the CoDeSys Runtime application, which is available via network by default on Port 2455. An attacker could execute some unauthenticated commands such as reading, writing, or deleting arbitrary files, or manipulate the PLC application during runtime by sending specially-crafted TCP packets to Port 2455.
9.8
Critique
CVE-2016-9362 2017-02-13 20h00 +00:00 An issue was discovered in WAGO 750-8202/PFC200 prior to FW04 (released August 2015), WAGO 750-881 prior to FW09 (released August 2016), and WAGO 0758-0874-0000-0111. By accessing a specific uniform resource locator (URL) on the web server, a malicious user is able to edit and to view settings without authenticating.
9.1
Critique