This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Wago First view 2022-03-09
Product 762-6304/8000-002 Firmware Last view 2022-11-09
Version * Type Os
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:o:wago:762-6304/8000-002_firmware

Activity : Overall

Related : CVE

  Date Alert Description
9.8 2022-11-09 CVE-2021-34569

In WAGO I/O-Check Service in multiple products an attacker can send a specially crafted packet containing OS commands to crash the diagnostic tool and write memory.

7.5 2022-11-09 CVE-2021-34568

In WAGO I/O-Check Service in multiple products an unauthenticated remote attacker can send a specially crafted packet containing OS commands to provoke a denial of service.

8.2 2022-11-09 CVE-2021-34567

In WAGO I/O-Check Service in multiple products an unauthenticated remote attacker can send a specially crafted packet containing OS commands to provoke a denial of service and an limited out-of-bounds read.

9.1 2022-11-09 CVE-2021-34566

In WAGO I/O-Check Service in multiple products an unauthenticated remote attacker can send a specially crafted packet containing OS commands to crash the iocheck process and write memory resulting in loss of integrity and DoS.

5.4 2022-03-09 CVE-2022-22511

Various configuration pages of the device are vulnerable to reflected XSS (Cross-Site Scripting) attacks. An authorized attacker with user privileges may use this to gain access to confidential information on a PC that connects to the WBM after it has been compromised.

CWE : Common Weakness Enumeration

%idName
20% (1) CWE-787 Out-of-bounds Write
20% (1) CWE-770 Allocation of Resources Without Limits or Throttling
20% (1) CWE-125 Out-of-bounds Read
20% (1) CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflo...
20% (1) CWE-79 Failure to Preserve Web Page Structure ('Cross-site Scripting')