CPE-224F7228-0FB8-4DF0-85D7-2EC9FCAB7FBC Détail

CPE Details

WAGO 752-8303/8000-002 Firmware 18

Vendor

wago

Product

752-8303\/8000-002_firmware

Version

Created

2022-11-15
23h57 +00:00

Modifié

2023-05-05
15h31 +00:00

Liens officiels

CPE NVD

Alerte pour un CPE

Restez informé de toutes modifications pour un CPE spécifique.

Gestion des notifications

Liste des Notifications

Alerte pour un CPE

Restez informé de toutes modifications pour un CPE spécifique.

Paramètres

Vous pouvez spécifier un titre qui sera récupéré dans les alertes qui seront envoyées.

CPE ID

Planifications

Mois

Prochaine exécution calculée

Jour

Jour de la semaine

Heure

Minute

Date de création

Dernière exécution

Prochaine exécution

Fonctionnalité nécessitant une connexion

Cette fonctionnalité qui vous permet de recevoir des alertes, n'est active que lorsque vous êtes connecté à votre compte.

CPE Name: cpe:2.3:o:wago:752-8303\/8000-002_firmware:18:-::::::

Informations

Vendor

wago

Product

752-8303\/8000-002_firmware

Version

Update

Related CVE

Open and find in CVE List

CVE ID	Publié	Description	Score	Gravité
CVE-2022-45140	2023-02-27 14h36 +00:00	The configuration backend allows an unauthenticated user to write arbitrary data with root privileges to the storage, which could lead to unauthenticated remote code execution and full system compromise.	9.8	Critique
CVE-2022-45139	2023-02-27 14h36 +00:00	A CORS Misconfiguration in the web-based management allows a malicious third party webserver to misuse all basic information pages on the webserver. In combination with CVE-2022-45138 this could lead to disclosure of device information like CPU diagnostics. As there is just a limited amount of information readable the impact only affects a small subset of confidentiality.	5.3	Moyen
CVE-2022-45138	2023-02-27 14h36 +00:00	The configuration backend of the web-based management can be used by unauthenticated users, although only authenticated users should be able to use the API. The vulnerability allows an unauthenticated attacker to read and set several device parameters that can lead to full compromise of the device.	9.8	Critique
CVE-2022-45137	2023-02-27 14h36 +00:00	The configuration backend of the web-based management is vulnerable to reflected XSS (Cross-Site Scripting) attacks that targets the users browser. This leads to a limited impact of confidentiality and integrity but no impact of availability.	6.1	Moyen
CVE-2021-34569	2022-11-09 15h17 +00:00	In WAGO I/O-Check Service in multiple products an attacker can send a specially crafted packet containing OS commands to crash the diagnostic tool and write memory.	9.8	Critique
CVE-2021-34568	2022-11-09 15h17 +00:00	In WAGO I/O-Check Service in multiple products an unauthenticated remote attacker can send a specially crafted packet containing OS commands to provoke a denial of service.	7.5	Haute
CVE-2021-34567	2022-11-09 15h17 +00:00	In WAGO I/O-Check Service in multiple products an unauthenticated remote attacker can send a specially crafted packet containing OS commands to provoke a denial of service and an limited out-of-bounds read.	8.2	Haute
CVE-2021-34566	2022-11-09 15h17 +00:00	In WAGO I/O-Check Service in multiple products an unauthenticated remote attacker can send a specially crafted packet containing OS commands to crash the iocheck process and write memory resulting in loss of integrity and DoS.	9.1	Critique

WAGO 752-8303/8000-002 Firmware 18

CPE Details

CPE Name: cpe:2.3:o:wago:752-8303\/8000-002_firmware:18:-:*:*:*:*:*:*

Informations

Vendor

Product

Version

Update

Related CVE

CPE Name: cpe:2.3:o:wago:752-8303\/8000-002_firmware:18:-::::::