Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2022-45140

The configuration backend allows an unauthenticated user to write arbitrary data with root privileges to the storage, which could lead to unauthenticated remote code execution and full system compromise.

Published

2023-02-27T15:15:11.503

Last Modified

2024-11-21T07:28:50.143

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 9.8 (CRITICAL)

Weaknesses
  • Type: Primary
    CWE-306
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Operating System wago 751-9301_firmware < 22 Yes
Operating System wago 751-9301_firmware 22 Yes
Operating System wago 751-9301_firmware 23 Yes
Hardware wago 751-9301 - No
Operating System wago 752-8303\/8000-002_firmware < 22 Yes
Operating System wago 752-8303\/8000-002_firmware 22 Yes
Operating System wago 752-8303\/8000-002_firmware 23 Yes
Hardware wago 752-8303\/8000-002 - No
Operating System wago pfc100_firmware < 22 Yes
Operating System wago pfc100_firmware 22 Yes
Operating System wago pfc100_firmware 23 Yes
Hardware wago pfc100 - No
Operating System wago pfc200_firmware < 22 Yes
Operating System wago pfc200_firmware 22 Yes
Operating System wago pfc200_firmware 23 Yes
Hardware wago pfc200 - No
Operating System wago touch_panel_600_advanced_firmware < 22 Yes
Operating System wago touch_panel_600_advanced_firmware 22 Yes
Operating System wago touch_panel_600_advanced_firmware 23 Yes
Hardware wago touch_panel_600_advanced - No
Operating System wago touch_panel_600_marine_firmware < 22 Yes
Operating System wago touch_panel_600_marine_firmware 22 Yes
Operating System wago touch_panel_600_marine_firmware 23 Yes
Hardware wago touch_panel_600_marine - No
Operating System wago touch_panel_600_standard_firmware < 22 Yes
Operating System wago touch_panel_600_standard_firmware 22 Yes
Operating System wago touch_panel_600_standard_firmware 23 Yes
Hardware wago touch_panel_600_standard - No
References