In multiple managed switches by WAGO in different versions it is possible to read out the password hashes of all Web-based Management users.
2021-05-13T14:15:18.077
2024-11-21T05:47:22.233
Modified
CVSSv3.1: 7.5 (HIGH)
AV:N/AC:L/Au:N/C:P/I:N/A:N
10.0
2.9
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Operating System | wago | 0852-0303_firmware | ≤ 1.2.3.s0 | Yes |
| Hardware | wago | 0852-0303 | - | No |
| Operating System | wago | 0852-1305_firmware | ≤ 1.1.7.s0 | Yes |
| Hardware | wago | 0852-1305 | - | No |
| Operating System | wago | 0852-1505_firmware | ≤ 1.1.6.s0 | Yes |
| Hardware | wago | 0852-1505 | - | No |
| Operating System | wago | 0852-1305\/000-001_firmware | ≤ 1.0.4.s0 | Yes |
| Hardware | wago | 0852-1305\/000-001 | - | No |
| Operating System | wago | 0852-1505\/000-001_firmware | ≤ 1.0.4.s0 | Yes |
| Hardware | wago | 0852-1505\/000-001 | - | No |