Search criteria
5 vulnerabilities found for 750-352 by WAGO
VAR-201810-1044
Vulnerability from variot - Updated: 2025-06-14 23:05WAGO 750-88X and WAGO 750-89X Ethernet Controller devices, versions 01.09.18(13) and before, have XSS in the SNMP configuration via the webserv/cplcfg/snmp.ssi SNMP_DESC or SNMP_LOC_SNMP_CONT field. WAGO 750-881 Ethernet Controller The device contains a cross-site scripting vulnerability.Information may be obtained and information may be altered. WAGO750-881EthernetControllerdevices is an Ethernet controller device from WAGO, Germany. The remote attacker can use the SNMP_DESC or SNMP_LOC_SNMP_CONT field to inject any web script or HTML. The vulnerability stems from the lack of correct validation of client data in WEB applications. An attacker could exploit this vulnerability to execute client code
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201810-1044",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "750-881 ethernet controller devices",
"scope": "eq",
"trust": 1.6,
"vendor": "wago",
"version": "01.09.18\\(13\\)"
},
{
"model": "750-881 ethernet controller devices",
"scope": "eq",
"trust": 1.6,
"vendor": "wago",
"version": "01.08.01\\(10\\)"
},
{
"model": "750-862",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "05"
},
{
"model": "750-891",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "05"
},
{
"model": "750-831",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "14"
},
{
"model": "750-352",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "14"
},
{
"model": "750-363",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "05"
},
{
"model": "750-889",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "14"
},
{
"model": "750-880",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "14"
},
{
"model": "750-823",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "05"
},
{
"model": "750-881",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "14"
},
{
"model": "750-362",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "05"
},
{
"model": "750-852",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "14"
},
{
"model": "750-832",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "05"
},
{
"model": "750-890",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "05"
},
{
"model": "750-881 ethernet controller device",
"scope": "lte",
"trust": 0.8,
"vendor": "wago",
"version": "01.09.18(13)"
},
{
"model": "ethernet controller",
"scope": "eq",
"trust": 0.6,
"vendor": "wago",
"version": "750-881\u003c=01.09.18(13)"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-21245"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011237"
},
{
"db": "CNNVD",
"id": "CNNVD-201810-676"
},
{
"db": "NVD",
"id": "CVE-2018-16210"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:wago:wago_750-881_ethernet_controller_devices_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-011237"
}
]
},
"cve": "CVE-2018-16210",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2018-16210",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2018-21245",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-126547",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.8,
"id": "CVE-2018-16210",
"impactScore": 2.7,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 6.1,
"baseSeverity": "Medium",
"confidentialityImpact": "Low",
"exploitabilityScore": null,
"id": "CVE-2018-16210",
"impactScore": null,
"integrityImpact": "Low",
"privilegesRequired": "None",
"scope": "Changed",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-16210",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2018-16210",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2018-21245",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201810-676",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-126547",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-21245"
},
{
"db": "VULHUB",
"id": "VHN-126547"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011237"
},
{
"db": "CNNVD",
"id": "CNNVD-201810-676"
},
{
"db": "NVD",
"id": "CVE-2018-16210"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "WAGO 750-88X and WAGO 750-89X Ethernet Controller devices, versions 01.09.18(13) and before, have XSS in the SNMP configuration via the webserv/cplcfg/snmp.ssi SNMP_DESC or SNMP_LOC_SNMP_CONT field. WAGO 750-881 Ethernet Controller The device contains a cross-site scripting vulnerability.Information may be obtained and information may be altered. WAGO750-881EthernetControllerdevices is an Ethernet controller device from WAGO, Germany. The remote attacker can use the SNMP_DESC or SNMP_LOC_SNMP_CONT field to inject any web script or HTML. The vulnerability stems from the lack of correct validation of client data in WEB applications. An attacker could exploit this vulnerability to execute client code",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-16210"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011237"
},
{
"db": "CNVD",
"id": "CNVD-2018-21245"
},
{
"db": "VULHUB",
"id": "VHN-126547"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "EXPLOIT-DB",
"id": "45581",
"trust": 3.1
},
{
"db": "NVD",
"id": "CVE-2018-16210",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011237",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201810-676",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2018-21245",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-126547",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-21245"
},
{
"db": "VULHUB",
"id": "VHN-126547"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011237"
},
{
"db": "CNNVD",
"id": "CNNVD-201810-676"
},
{
"db": "NVD",
"id": "CVE-2018-16210"
}
]
},
"id": "VAR-201810-1044",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-21245"
},
{
"db": "VULHUB",
"id": "VHN-126547"
}
],
"trust": 1.1798500888888888
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-21245"
}
]
},
"last_update_date": "2025-06-14T23:05:23.850000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "\u30c8\u30c3\u30d7\u30da\u30fc\u30b8",
"trust": 0.8,
"url": "http://global.wago.com/jp/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-011237"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-126547"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011237"
},
{
"db": "NVD",
"id": "CVE-2018-16210"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://www.exploit-db.com/exploits/45581/"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-16210"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-16210"
},
{
"trust": 0.6,
"url": "https://www.exploit-db.com/exploits/45581"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-21245"
},
{
"db": "VULHUB",
"id": "VHN-126547"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011237"
},
{
"db": "CNNVD",
"id": "CNNVD-201810-676"
},
{
"db": "NVD",
"id": "CVE-2018-16210"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2018-21245"
},
{
"db": "VULHUB",
"id": "VHN-126547"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011237"
},
{
"db": "CNNVD",
"id": "CNNVD-201810-676"
},
{
"db": "NVD",
"id": "CVE-2018-16210"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-18T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-21245"
},
{
"date": "2018-10-12T00:00:00",
"db": "VULHUB",
"id": "VHN-126547"
},
{
"date": "2019-01-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-011237"
},
{
"date": "2018-10-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201810-676"
},
{
"date": "2018-10-12T22:15:07.377000",
"db": "NVD",
"id": "CVE-2018-16210"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-18T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-21245"
},
{
"date": "2019-05-13T00:00:00",
"db": "VULHUB",
"id": "VHN-126547"
},
{
"date": "2019-01-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-011237"
},
{
"date": "2019-05-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201810-676"
},
{
"date": "2025-06-13T17:56:26.900000",
"db": "NVD",
"id": "CVE-2018-16210"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201810-676"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "WAGO 750-881 Ethernet Controller Device Cross-Site Scripting Vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-21245"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011237"
}
],
"trust": 1.4
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "XSS",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201810-676"
}
],
"trust": 0.6
}
}
VAR-201905-1110
Vulnerability from variot - Updated: 2024-11-23 23:08The Web-GUI on WAGO Series 750-88x (750-330, 750-352, 750-829, 750-831, 750-852, 750-880, 750-881, 750-882, 750-884, 750-885, 750-889) and Series 750-87x (750-830, 750-849, 750-871, 750-872, 750-873) devices has undocumented service access. Wago series 750-88x and 750-87x The device contains a vulnerability related to the use of hard-coded credentials.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state.
WAGO Series 750-88x and 750-87x have a vulnerability in trust management issues. The vulnerability stems from the lack of effective trust management mechanisms in network systems or products. Attackers can use default passwords or hard-coded passwords, hard-coded certificates and other attacks. Components. Successfully exploiting this issue allows a remote attacker to change the settings or alter the programming of the device. The following versions of Series 750-88x and 750-87x are affected: 750-330 firmware versions prior to FW14 750-352 firmware versions prior to FW14 750-829 firmware versions prior to FW14 750-831 firmware versions prior to FW14 750-852 firmware versions prior to FW14 750-880 firmware versions prior to FW14 750-881 firmware versions prior to FW14 750-882 firmware versions prior to FW14 750-884 firmware versions prior to FW14 750-885 firmware versions prior to FW14 750-889 firmware versions prior to FW14 750-830 firmware versions prior to FW06 750-849 firmware versions prior to FW08 750-871 firmware versions prior to FW11 750-872 firmware versions prior to FW07 750-873 firmware versions prior to FW07
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201905-1110",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "750-880",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "14"
},
{
"model": "750-352",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "14"
},
{
"model": "750-885",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "14"
},
{
"model": "750-330",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "14"
},
{
"model": "750-831",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "14"
},
{
"model": "750-849",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "08"
},
{
"model": "750-852",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "14"
},
{
"model": "750-871",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "11"
},
{
"model": "750-881",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "14"
},
{
"model": "750-872",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "07"
},
{
"model": "750-829",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "14"
},
{
"model": "750-884",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "14"
},
{
"model": "750-873",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "07"
},
{
"model": "750-889",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "14"
},
{
"model": "750-830",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "06"
},
{
"model": "750-882",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "14"
},
{
"model": "750-330",
"scope": null,
"trust": 0.8,
"vendor": "wago",
"version": null
},
{
"model": "750-352",
"scope": null,
"trust": 0.8,
"vendor": "wago",
"version": null
},
{
"model": "750-829",
"scope": null,
"trust": 0.8,
"vendor": "wago",
"version": null
},
{
"model": "750-830",
"scope": null,
"trust": 0.8,
"vendor": "wago",
"version": null
},
{
"model": "750-831",
"scope": null,
"trust": 0.8,
"vendor": "wago",
"version": null
},
{
"model": "750-849",
"scope": null,
"trust": 0.8,
"vendor": "wago",
"version": null
},
{
"model": "750-852",
"scope": null,
"trust": 0.8,
"vendor": "wago",
"version": null
},
{
"model": "750-871",
"scope": null,
"trust": 0.8,
"vendor": "wago",
"version": null
},
{
"model": "750-872",
"scope": null,
"trust": 0.8,
"vendor": "wago",
"version": null
},
{
"model": "750-873",
"scope": null,
"trust": 0.8,
"vendor": "wago",
"version": null
},
{
"model": "\u003cfw14",
"scope": "eq",
"trust": 0.6,
"vendor": "wago",
"version": "750-330"
},
{
"model": "\u003cfw14",
"scope": "eq",
"trust": 0.6,
"vendor": "wago",
"version": "750-352"
},
{
"model": "\u003cfw14",
"scope": "eq",
"trust": 0.6,
"vendor": "wago",
"version": "750-829"
},
{
"model": "\u003cfw14",
"scope": "eq",
"trust": 0.6,
"vendor": "wago",
"version": "750-831"
},
{
"model": "\u003cfw14",
"scope": "eq",
"trust": 0.6,
"vendor": "wago",
"version": "750-852"
},
{
"model": "\u003cfw14",
"scope": "eq",
"trust": 0.6,
"vendor": "wago",
"version": "750-880"
},
{
"model": "\u003cfw14",
"scope": "eq",
"trust": 0.6,
"vendor": "wago",
"version": "750-881"
},
{
"model": "\u003cfw14",
"scope": "eq",
"trust": 0.6,
"vendor": "wago",
"version": "750-882"
},
{
"model": "\u003cfw14",
"scope": "eq",
"trust": 0.6,
"vendor": "wago",
"version": "750-884"
},
{
"model": "\u003cfw14",
"scope": "eq",
"trust": 0.6,
"vendor": "wago",
"version": "750-885"
},
{
"model": "\u003cfw14",
"scope": "eq",
"trust": 0.6,
"vendor": "wago",
"version": "750-889"
},
{
"model": "\u003cfw06",
"scope": "eq",
"trust": 0.6,
"vendor": "wago",
"version": "750-830"
},
{
"model": "\u003cfw08",
"scope": "eq",
"trust": 0.6,
"vendor": "wago",
"version": "750-849"
},
{
"model": "\u003cfw11",
"scope": "eq",
"trust": 0.6,
"vendor": "wago",
"version": "750-871"
},
{
"model": "\u003cfw07",
"scope": "eq",
"trust": 0.6,
"vendor": "wago",
"version": "750-872"
},
{
"model": "\u003cfw07",
"scope": "eq",
"trust": 0.6,
"vendor": "wago",
"version": "750-873"
},
{
"model": "series",
"scope": "eq",
"trust": 0.3,
"vendor": "wago",
"version": "750-8890"
},
{
"model": "series",
"scope": "eq",
"trust": 0.3,
"vendor": "wago",
"version": "750-8850"
},
{
"model": "series",
"scope": "eq",
"trust": 0.3,
"vendor": "wago",
"version": "750-8840"
},
{
"model": "series",
"scope": "eq",
"trust": 0.3,
"vendor": "wago",
"version": "750-8820"
},
{
"model": "series",
"scope": "eq",
"trust": 0.3,
"vendor": "wago",
"version": "750-8810"
},
{
"model": "series",
"scope": "eq",
"trust": 0.3,
"vendor": "wago",
"version": "750-8800"
},
{
"model": "series",
"scope": "eq",
"trust": 0.3,
"vendor": "wago",
"version": "750-8730"
},
{
"model": "series",
"scope": "eq",
"trust": 0.3,
"vendor": "wago",
"version": "750-8720"
},
{
"model": "series",
"scope": "eq",
"trust": 0.3,
"vendor": "wago",
"version": "750-8710"
},
{
"model": "series",
"scope": "eq",
"trust": 0.3,
"vendor": "wago",
"version": "750-8520"
},
{
"model": "series",
"scope": "eq",
"trust": 0.3,
"vendor": "wago",
"version": "750-8490"
},
{
"model": "series",
"scope": "eq",
"trust": 0.3,
"vendor": "wago",
"version": "750-8310"
},
{
"model": "series",
"scope": "eq",
"trust": 0.3,
"vendor": "wago",
"version": "750-8300"
},
{
"model": "series",
"scope": "eq",
"trust": 0.3,
"vendor": "wago",
"version": "750-8290"
},
{
"model": "series",
"scope": "eq",
"trust": 0.3,
"vendor": "wago",
"version": "750-3520"
},
{
"model": "series",
"scope": "eq",
"trust": 0.3,
"vendor": "wago",
"version": "750-3300"
},
{
"model": "series",
"scope": "ne",
"trust": 0.3,
"vendor": "wago",
"version": "750-88914"
},
{
"model": "series",
"scope": "ne",
"trust": 0.3,
"vendor": "wago",
"version": "750-88514"
},
{
"model": "series",
"scope": "ne",
"trust": 0.3,
"vendor": "wago",
"version": "750-88414"
},
{
"model": "series",
"scope": "ne",
"trust": 0.3,
"vendor": "wago",
"version": "750-88214"
},
{
"model": "series",
"scope": "ne",
"trust": 0.3,
"vendor": "wago",
"version": "750-88114"
},
{
"model": "series",
"scope": "ne",
"trust": 0.3,
"vendor": "wago",
"version": "750-88014"
},
{
"model": "series",
"scope": "ne",
"trust": 0.3,
"vendor": "wago",
"version": "750-87307"
},
{
"model": "series",
"scope": "ne",
"trust": 0.3,
"vendor": "wago",
"version": "750-87207"
},
{
"model": "series",
"scope": "ne",
"trust": 0.3,
"vendor": "wago",
"version": "750-87111"
},
{
"model": "series",
"scope": "ne",
"trust": 0.3,
"vendor": "wago",
"version": "750-85214"
},
{
"model": "series",
"scope": "ne",
"trust": 0.3,
"vendor": "wago",
"version": "750-84908"
},
{
"model": "series",
"scope": "ne",
"trust": 0.3,
"vendor": "wago",
"version": "750-83114"
},
{
"model": "series",
"scope": "ne",
"trust": 0.3,
"vendor": "wago",
"version": "750-83006"
},
{
"model": "series",
"scope": "ne",
"trust": 0.3,
"vendor": "wago",
"version": "750-82914"
},
{
"model": "series",
"scope": "ne",
"trust": 0.3,
"vendor": "wago",
"version": "750-35214"
},
{
"model": "series",
"scope": "ne",
"trust": 0.3,
"vendor": "wago",
"version": "750-33014"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-36951"
},
{
"db": "BID",
"id": "108482"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004431"
},
{
"db": "NVD",
"id": "CVE-2019-10712"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:wago:750-330_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:wago:750-352_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:wago:750-829_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:wago:750-830_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:wago:750-831_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:wago:750-849_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:wago:750-852_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:wago:750-871_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:wago:750-872_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:wago:750-873_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-004431"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "J??rn Schneeweisz/Recurity Labs,Reported by J?rn Schneeweisz/Recurity Labs to CERT-Bund coordinated by CERT@VDE with NCCIC.",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201904-768"
}
],
"trust": 0.6
},
"cve": "CVE-2019-10712",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2019-10712",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2020-36951",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2019-10712",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-10712",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2019-10712",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNVD",
"id": "CNVD-2020-36951",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201904-768",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULMON",
"id": "CVE-2019-10712",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-36951"
},
{
"db": "VULMON",
"id": "CVE-2019-10712"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004431"
},
{
"db": "CNNVD",
"id": "CNNVD-201904-768"
},
{
"db": "NVD",
"id": "CVE-2019-10712"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The Web-GUI on WAGO Series 750-88x (750-330, 750-352, 750-829, 750-831, 750-852, 750-880, 750-881, 750-882, 750-884, 750-885, 750-889) and Series 750-87x (750-830, 750-849, 750-871, 750-872, 750-873) devices has undocumented service access. Wago series 750-88x and 750-87x The device contains a vulnerability related to the use of hard-coded credentials.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. \n\r\n\r\nWAGO Series 750-88x and 750-87x have a vulnerability in trust management issues. The vulnerability stems from the lack of effective trust management mechanisms in network systems or products. Attackers can use default passwords or hard-coded passwords, hard-coded certificates and other attacks. Components. \nSuccessfully exploiting this issue allows a remote attacker to change the settings or alter the programming of the device. \nThe following versions of Series 750-88x and 750-87x are affected:\n750-330 firmware versions prior to FW14\n750-352 firmware versions prior to FW14\n750-829 firmware versions prior to FW14\n750-831 firmware versions prior to FW14\n750-852 firmware versions prior to FW14\n750-880 firmware versions prior to FW14\n750-881 firmware versions prior to FW14\n750-882 firmware versions prior to FW14\n750-884 firmware versions prior to FW14\n750-885 firmware versions prior to FW14\n750-889 firmware versions prior to FW14\n750-830 firmware versions prior to FW06\n750-849 firmware versions prior to FW08\n750-871 firmware versions prior to FW11\n750-872 firmware versions prior to FW07\n750-873 firmware versions prior to FW07",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-10712"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004431"
},
{
"db": "CNVD",
"id": "CNVD-2020-36951"
},
{
"db": "BID",
"id": "108482"
},
{
"db": "VULMON",
"id": "CVE-2019-10712"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-10712",
"trust": 3.4
},
{
"db": "CERT@VDE",
"id": "VDE-2019-008",
"trust": 2.5
},
{
"db": "ICS CERT",
"id": "ICSA-19-106-02",
"trust": 2.4
},
{
"db": "BID",
"id": "108482",
"trust": 2.0
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004431",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2020-36951",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.1311",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201904-768",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2019-10712",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-36951"
},
{
"db": "VULMON",
"id": "CVE-2019-10712"
},
{
"db": "BID",
"id": "108482"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004431"
},
{
"db": "CNNVD",
"id": "CNNVD-201904-768"
},
{
"db": "NVD",
"id": "CVE-2019-10712"
}
]
},
"id": "VAR-201905-1110",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-36951"
}
],
"trust": 1.438023100909091
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-36951"
}
]
},
"last_update_date": "2024-11-23T23:08:24.457000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "\u30c8\u30c3\u30d7\u30da\u30fc\u30b8",
"trust": 0.8,
"url": "http://global.wago.com/jp/"
},
{
"title": "Patch for WAGO 750-88x Series and WAGO 750-87x Series Trust Management Issue Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/225033"
},
{
"title": "WAGO 750-88x Series and WAGO 750-87x Series Repair measures for trust management problem vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=91566"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-36951"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004431"
},
{
"db": "CNNVD",
"id": "CNNVD-201904-768"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-798",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-004431"
},
{
"db": "NVD",
"id": "CVE-2019-10712"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.0,
"url": "http://www.securityfocus.com/bid/108482"
},
{
"trust": 2.5,
"url": "https://cert.vde.com/de-de/advisories/vde-2019-008"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-10712"
},
{
"trust": 1.1,
"url": "https://lists.apache.org/thread.html/r25e25973e9577c62fd0221b4b52990851adf11cbe33036bd67d4b13d%40%3ccommits.cassandra.apache.org%3e"
},
{
"trust": 1.1,
"url": "https://lists.apache.org/thread.html/ra37700b842790883b9082e6b281fb7596f571b13078a4856cd38f2c2%40%3ccommits.cassandra.apache.org%3e"
},
{
"trust": 1.1,
"url": "https://lists.apache.org/thread.html/r0066c1e862613de402fee04e81cbe00bcd64b64a2711beb9a13c3b25%40%3ccommits.cassandra.apache.org%3e"
},
{
"trust": 1.1,
"url": "https://lists.apache.org/thread.html/r37eb6579fa0bf94a72b6c978e2fee96f68a2b1b3ac1b1ce60aee86cf%40%3ccommits.cassandra.apache.org%3e"
},
{
"trust": 1.1,
"url": "https://lists.apache.org/thread.html/rb47911c179c9f3e8ea3f134b5645e63cd20c6fc63bd0b43ab5864bd1%40%3ccommits.cassandra.apache.org%3e"
},
{
"trust": 1.1,
"url": "https://lists.apache.org/thread.html/r386966780034aadee69ffd82d44555117c9339545b9ce990fe490a3e%40%3ccommits.cassandra.apache.org%3e"
},
{
"trust": 1.1,
"url": "https://lists.apache.org/thread.html/r80e8882c86c9c17a57396a5ef7c4f08878d629a0291243411be0de3a%40%3ccommits.cassandra.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-19-106-02"
},
{
"trust": 0.9,
"url": "http://www.wago.com/"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-10712"
},
{
"trust": 0.8,
"url": "https://www.us-cert.gov/ics/advisories/icsa-19-106-02"
},
{
"trust": 0.6,
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-19-106-02"
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r0066c1e862613de402fee04e81cbe00bcd64b64a2711beb9a13c3b25@%3ccommits.cassandra.apache.org%3e"
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/rb47911c179c9f3e8ea3f134b5645e63cd20c6fc63bd0b43ab5864bd1@%3ccommits.cassandra.apache.org%3e"
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r25e25973e9577c62fd0221b4b52990851adf11cbe33036bd67d4b13d@%3ccommits.cassandra.apache.org%3e"
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r80e8882c86c9c17a57396a5ef7c4f08878d629a0291243411be0de3a@%3ccommits.cassandra.apache.org%3e"
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r386966780034aadee69ffd82d44555117c9339545b9ce990fe490a3e@%3ccommits.cassandra.apache.org%3e"
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/ra37700b842790883b9082e6b281fb7596f571b13078a4856cd38f2c2@%3ccommits.cassandra.apache.org%3e"
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r37eb6579fa0bf94a72b6c978e2fee96f68a2b1b3ac1b1ce60aee86cf@%3ccommits.cassandra.apache.org%3e"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/79170"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/798.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-36951"
},
{
"db": "VULMON",
"id": "CVE-2019-10712"
},
{
"db": "BID",
"id": "108482"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004431"
},
{
"db": "CNNVD",
"id": "CNNVD-201904-768"
},
{
"db": "NVD",
"id": "CVE-2019-10712"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2020-36951"
},
{
"db": "VULMON",
"id": "CVE-2019-10712"
},
{
"db": "BID",
"id": "108482"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004431"
},
{
"db": "CNNVD",
"id": "CNNVD-201904-768"
},
{
"db": "NVD",
"id": "CVE-2019-10712"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-07-09T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-36951"
},
{
"date": "2019-05-07T00:00:00",
"db": "VULMON",
"id": "CVE-2019-10712"
},
{
"date": "2019-05-28T00:00:00",
"db": "BID",
"id": "108482"
},
{
"date": "2019-06-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-004431"
},
{
"date": "2019-04-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201904-768"
},
{
"date": "2019-05-07T22:29:00.207000",
"db": "NVD",
"id": "CVE-2019-10712"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-07-09T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-36951"
},
{
"date": "2023-11-07T00:00:00",
"db": "VULMON",
"id": "CVE-2019-10712"
},
{
"date": "2019-05-28T00:00:00",
"db": "BID",
"id": "108482"
},
{
"date": "2019-07-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-004431"
},
{
"date": "2020-10-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201904-768"
},
{
"date": "2024-11-21T04:19:47.313000",
"db": "NVD",
"id": "CVE-2019-10712"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201904-768"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "WAGO 750-88x Series and WAGO 750-87x Series Trust Management Issue Vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-36951"
},
{
"db": "CNNVD",
"id": "CNNVD-201904-768"
}
],
"trust": 1.2
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "trust management problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201904-768"
}
],
"trust": 0.6
}
}
VAR-202012-0100
Vulnerability from variot - Updated: 2024-11-23 22:11Older firmware versions (FW1 up to FW10) of the WAGO PLC family 750-88x and 750-352 are vulnerable for a special denial of service attack. 750-88x and 750-352 The series is WAGO Provides PLC is. The product is exhausted (CWE-400) Service operation interruption due to (DoS) Vulnerability exists.Packets crafted by a remote third party HTTP(S) 80/443 Service operation interruption by receiving at the port (DoS) It may be in a state
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202012-0100",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "750-880",
"scope": "gte",
"trust": 1.0,
"vendor": "wago",
"version": "fw1"
},
{
"model": "750-881",
"scope": "gte",
"trust": 1.0,
"vendor": "wago",
"version": "fw1"
},
{
"model": "750-885",
"scope": "gte",
"trust": 1.0,
"vendor": "wago",
"version": "fw1"
},
{
"model": "750-352",
"scope": "lte",
"trust": 1.0,
"vendor": "wago",
"version": "fw10"
},
{
"model": "750-829",
"scope": "lte",
"trust": 1.0,
"vendor": "wago",
"version": "fw10"
},
{
"model": "750-352",
"scope": "gte",
"trust": 1.0,
"vendor": "wago",
"version": "fw1"
},
{
"model": "750-829",
"scope": "gte",
"trust": 1.0,
"vendor": "wago",
"version": "fw1"
},
{
"model": "750-881",
"scope": "lte",
"trust": 1.0,
"vendor": "wago",
"version": "fw10"
},
{
"model": "750-885",
"scope": "lte",
"trust": 1.0,
"vendor": "wago",
"version": "fw10"
},
{
"model": "750-889",
"scope": "gte",
"trust": 1.0,
"vendor": "wago",
"version": "fw1"
},
{
"model": "750-852",
"scope": "lte",
"trust": 1.0,
"vendor": "wago",
"version": "fw10"
},
{
"model": "750-852",
"scope": "gte",
"trust": 1.0,
"vendor": "wago",
"version": "fw1"
},
{
"model": "750-831",
"scope": "lte",
"trust": 1.0,
"vendor": "wago",
"version": "fw10"
},
{
"model": "750-831",
"scope": "gte",
"trust": 1.0,
"vendor": "wago",
"version": "fw1"
},
{
"model": "750-882",
"scope": "gte",
"trust": 1.0,
"vendor": "wago",
"version": "fw1"
},
{
"model": "750-880",
"scope": "lte",
"trust": 1.0,
"vendor": "wago",
"version": "fw10"
},
{
"model": "750-889",
"scope": "lte",
"trust": 1.0,
"vendor": "wago",
"version": "fw10"
},
{
"model": "750-882",
"scope": "lte",
"trust": 1.0,
"vendor": "wago",
"version": "fw10"
},
{
"model": "750-331",
"scope": "lte",
"trust": 1.0,
"vendor": "wago",
"version": "fw10"
},
{
"model": "750-331",
"scope": "gte",
"trust": 1.0,
"vendor": "wago",
"version": "fw1"
},
{
"model": "750-331/xxx-xxx",
"scope": null,
"trust": 0.8,
"vendor": "wago",
"version": null
},
{
"model": "750-352",
"scope": null,
"trust": 0.8,
"vendor": "wago",
"version": null
},
{
"model": "750-829",
"scope": null,
"trust": 0.8,
"vendor": "wago",
"version": null
},
{
"model": "750-831/xxx-xxx",
"scope": null,
"trust": 0.8,
"vendor": "wago",
"version": null
},
{
"model": "750-852",
"scope": null,
"trust": 0.8,
"vendor": "wago",
"version": null
},
{
"model": "750-880/xxx-xxx",
"scope": null,
"trust": 0.8,
"vendor": "wago",
"version": null
},
{
"model": "750-881",
"scope": null,
"trust": 0.8,
"vendor": "wago",
"version": null
},
{
"model": "750-882",
"scope": null,
"trust": 0.8,
"vendor": "wago",
"version": null
},
{
"model": "750-885",
"scope": null,
"trust": 0.8,
"vendor": "wago",
"version": null
},
{
"model": "750-889",
"scope": null,
"trust": 0.8,
"vendor": "wago",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-009454"
},
{
"db": "NVD",
"id": "CVE-2020-12516"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:wago:750-331_xxx_xxx_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:wago:750-352_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:wago:750-829_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:wago:750-831_xxx_xxx_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:wago:750-852_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:wago:750-880_xxx_xxx_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:wago:750-881_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:wago:750-882_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:wago:750-885_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:wago:750-889_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-009454"
}
]
},
"cve": "CVE-2020-12516",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2020-12516",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2020-12516",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 2.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "IPA score",
"availabilityImpact": "High",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2020-009454",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2020-12516",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "info@cert.vde.com",
"id": "CVE-2020-12516",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "IPA",
"id": "JVNDB-2020-009454",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-202011-183",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-009454"
},
{
"db": "CNNVD",
"id": "CNNVD-202011-183"
},
{
"db": "NVD",
"id": "CVE-2020-12516"
},
{
"db": "NVD",
"id": "CVE-2020-12516"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Older firmware versions (FW1 up to FW10) of the WAGO PLC family 750-88x and 750-352 are vulnerable for a special denial of service attack. 750-88x and 750-352 The series is WAGO Provides PLC is. The product is exhausted (CWE-400) Service operation interruption due to (DoS) Vulnerability exists.Packets crafted by a remote third party HTTP(S) 80/443 Service operation interruption by receiving at the port (DoS) It may be in a state",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-12516"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-009454"
}
],
"trust": 1.62
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT@VDE",
"id": "VDE-2020-042",
"trust": 2.4
},
{
"db": "ICS CERT",
"id": "ICSA-20-308-01",
"trust": 2.4
},
{
"db": "NVD",
"id": "CVE-2020-12516",
"trust": 2.4
},
{
"db": "JVN",
"id": "JVNVU99899290",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2020-009454",
"trust": 0.8
},
{
"db": "AUSCERT",
"id": "ESB-2020.3794",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202011-183",
"trust": 0.6
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-009454"
},
{
"db": "CNNVD",
"id": "CNNVD-202011-183"
},
{
"db": "NVD",
"id": "CVE-2020-12516"
}
]
},
"id": "VAR-202012-0100",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.6507937
},
"last_update_date": "2024-11-23T22:11:14.923000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Download request",
"trust": 0.8,
"url": "https://www.wago.com/us/requestDownload?downloadFile=FWMedia_58_750-881"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-009454"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-400",
"trust": 1.8
},
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-009454"
},
{
"db": "NVD",
"id": "CVE-2020-12516"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-308-01"
},
{
"trust": 2.4,
"url": "https://cert.vde.com/en-us/advisories/vde-2020-042"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-12516"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu99899290"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-12516"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.3794/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-009454"
},
{
"db": "CNNVD",
"id": "CNNVD-202011-183"
},
{
"db": "NVD",
"id": "CVE-2020-12516"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "JVNDB",
"id": "JVNDB-2020-009454"
},
{
"db": "CNNVD",
"id": "CNNVD-202011-183"
},
{
"db": "NVD",
"id": "CVE-2020-12516"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-11-06T02:44:01",
"db": "JVNDB",
"id": "JVNDB-2020-009454"
},
{
"date": "2020-11-03T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202011-183"
},
{
"date": "2020-12-10T03:15:11.593000",
"db": "NVD",
"id": "CVE-2020-12516"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-12-17T03:09:25",
"db": "JVNDB",
"id": "JVNDB-2020-009454"
},
{
"date": "2020-12-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202011-183"
},
{
"date": "2024-11-21T04:59:50.853000",
"db": "NVD",
"id": "CVE-2020-12516"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202011-183"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "WAGO Made of 750-88x and 750-352 Resource exhaustion vulnerability in series",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-009454"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202011-183"
}
],
"trust": 0.6
}
}
CVE-2020-12516 (GCVE-0-2020-12516)
Vulnerability from nvd – Published: 2020-12-10 03:04 – Updated: 2024-09-16 22:14
VLAI?
Title
WAGO: PLC families 750-88x and 750-352 prone to DoS attack
Summary
Older firmware versions (FW1 up to FW10) of the WAGO PLC family 750-88x and 750-352 are vulnerable for a special denial of service attack.
Severity ?
7.5 (High)
CWE
- CWE-400 - Uncontrolled Resource Consumption
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| WAGO | 750-331/xxx-xxx |
Affected:
FW1<=FW10
|
|||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||
Credits
These vulnerabilities were reported to WAGO by: William Knowles, Applied Risk. Coordination done by CERT@VDE.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:56:52.085Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-308-01"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert.vde.com/en-us/advisories/vde-2020-042"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "750-331/xxx-xxx",
"vendor": "WAGO",
"versions": [
{
"status": "affected",
"version": "FW1\u003c=FW10"
}
]
},
{
"product": "750-352",
"vendor": "WAGO",
"versions": [
{
"status": "affected",
"version": "FW1\u003c=FW10"
}
]
},
{
"product": "750-829",
"vendor": "WAGO",
"versions": [
{
"status": "affected",
"version": "FW1\u003c=FW10"
}
]
},
{
"product": "750-831/xxx-xxx",
"vendor": "WAGO",
"versions": [
{
"status": "affected",
"version": "FW1\u003c=FW10"
}
]
},
{
"product": "750-852",
"vendor": "WAGO",
"versions": [
{
"status": "affected",
"version": "FW1\u003c=FW10"
}
]
},
{
"product": "750-880/xxx-xxx",
"vendor": "WAGO",
"versions": [
{
"status": "affected",
"version": "FW1\u003c=FW10"
}
]
},
{
"product": "750-881",
"vendor": "WAGO",
"versions": [
{
"status": "affected",
"version": "FW1\u003c=FW10"
}
]
},
{
"product": "750-882",
"vendor": "WAGO",
"versions": [
{
"status": "affected",
"version": "FW1\u003c=FW10"
}
]
},
{
"product": "750-885",
"vendor": "WAGO",
"versions": [
{
"status": "affected",
"version": "FW1\u003c=FW10"
}
]
},
{
"product": "750-889",
"vendor": "WAGO",
"versions": [
{
"status": "affected",
"version": "FW1\u003c=FW10"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "These vulnerabilities were reported to WAGO by: William Knowles, Applied Risk. Coordination done by CERT@VDE."
}
],
"datePublic": "2020-12-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Older firmware versions (FW1 up to FW10) of the WAGO PLC family 750-88x and 750-352 are vulnerable for a special denial of service attack."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400 Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-12-22T21:14:49",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-308-01"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert.vde.com/en-us/advisories/vde-2020-042"
}
],
"solutions": [
{
"lang": "en",
"value": "Update the device to the latest FW version."
}
],
"source": {
"advisory": "VDE-2020-042",
"defect": [
"VDE-2020-042"
],
"discovery": "UNKNOWN"
},
"title": "WAGO: PLC families 750-88x and 750-352 prone to DoS attack",
"workarounds": [
{
"lang": "en",
"value": "Restrict network access to the device.\nDo not directly connect the device to the internet\nDisable unused TCP/UDP-ports"
}
],
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"AKA": "",
"ASSIGNER": "info@cert.vde.com",
"DATE_PUBLIC": "2020-12-09T09:00:00.000Z",
"ID": "CVE-2020-12516",
"STATE": "PUBLIC",
"TITLE": "WAGO: PLC families 750-88x and 750-352 prone to DoS attack"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "750-331/xxx-xxx",
"version": {
"version_data": [
{
"version_value": "FW1\u003c=FW10"
}
]
}
},
{
"product_name": "750-352",
"version": {
"version_data": [
{
"version_value": "FW1\u003c=FW10"
}
]
}
},
{
"product_name": "750-829",
"version": {
"version_data": [
{
"version_value": "FW1\u003c=FW10"
}
]
}
},
{
"product_name": "750-831/xxx-xxx",
"version": {
"version_data": [
{
"version_value": "FW1\u003c=FW10"
}
]
}
},
{
"product_name": "750-852",
"version": {
"version_data": [
{
"version_value": "FW1\u003c=FW10"
}
]
}
},
{
"product_name": "750-880/xxx-xxx",
"version": {
"version_data": [
{
"version_value": "FW1\u003c=FW10"
}
]
}
},
{
"product_name": "750-881",
"version": {
"version_data": [
{
"version_value": "FW1\u003c=FW10"
}
]
}
},
{
"product_name": "750-882",
"version": {
"version_data": [
{
"version_value": "FW1\u003c=FW10"
}
]
}
},
{
"product_name": "750-885",
"version": {
"version_data": [
{
"version_value": "FW1\u003c=FW10"
}
]
}
},
{
"product_name": "750-889",
"version": {
"version_data": [
{
"version_value": "FW1\u003c=FW10"
}
]
}
}
]
},
"vendor_name": "WAGO"
}
]
}
},
"configuration": [],
"credit": [
{
"lang": "eng",
"value": "These vulnerabilities were reported to WAGO by: William Knowles, Applied Risk. Coordination done by CERT@VDE."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Older firmware versions (FW1 up to FW10) of the WAGO PLC family 750-88x and 750-352 are vulnerable for a special denial of service attack."
}
]
},
"exploit": [],
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-400 Uncontrolled Resource Consumption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://us-cert.cisa.gov/ics/advisories/icsa-20-308-01",
"refsource": "MISC",
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-308-01"
},
{
"name": "https://cert.vde.com/en-us/advisories/vde-2020-042",
"refsource": "CONFIRM",
"url": "https://cert.vde.com/en-us/advisories/vde-2020-042"
}
]
},
"solution": [
{
"lang": "en",
"value": "Update the device to the latest FW version."
}
],
"source": {
"advisory": "VDE-2020-042",
"defect": [
"VDE-2020-042"
],
"discovery": "UNKNOWN"
},
"work_around": [
{
"lang": "en",
"value": "Restrict network access to the device.\nDo not directly connect the device to the internet\nDisable unused TCP/UDP-ports"
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2020-12516",
"datePublished": "2020-12-10T03:04:17.186342Z",
"dateReserved": "2020-04-30T00:00:00",
"dateUpdated": "2024-09-16T22:14:10.360Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-12516 (GCVE-0-2020-12516)
Vulnerability from cvelistv5 – Published: 2020-12-10 03:04 – Updated: 2024-09-16 22:14
VLAI?
Title
WAGO: PLC families 750-88x and 750-352 prone to DoS attack
Summary
Older firmware versions (FW1 up to FW10) of the WAGO PLC family 750-88x and 750-352 are vulnerable for a special denial of service attack.
Severity ?
7.5 (High)
CWE
- CWE-400 - Uncontrolled Resource Consumption
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| WAGO | 750-331/xxx-xxx |
Affected:
FW1<=FW10
|
|||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||
Credits
These vulnerabilities were reported to WAGO by: William Knowles, Applied Risk. Coordination done by CERT@VDE.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:56:52.085Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-308-01"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert.vde.com/en-us/advisories/vde-2020-042"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "750-331/xxx-xxx",
"vendor": "WAGO",
"versions": [
{
"status": "affected",
"version": "FW1\u003c=FW10"
}
]
},
{
"product": "750-352",
"vendor": "WAGO",
"versions": [
{
"status": "affected",
"version": "FW1\u003c=FW10"
}
]
},
{
"product": "750-829",
"vendor": "WAGO",
"versions": [
{
"status": "affected",
"version": "FW1\u003c=FW10"
}
]
},
{
"product": "750-831/xxx-xxx",
"vendor": "WAGO",
"versions": [
{
"status": "affected",
"version": "FW1\u003c=FW10"
}
]
},
{
"product": "750-852",
"vendor": "WAGO",
"versions": [
{
"status": "affected",
"version": "FW1\u003c=FW10"
}
]
},
{
"product": "750-880/xxx-xxx",
"vendor": "WAGO",
"versions": [
{
"status": "affected",
"version": "FW1\u003c=FW10"
}
]
},
{
"product": "750-881",
"vendor": "WAGO",
"versions": [
{
"status": "affected",
"version": "FW1\u003c=FW10"
}
]
},
{
"product": "750-882",
"vendor": "WAGO",
"versions": [
{
"status": "affected",
"version": "FW1\u003c=FW10"
}
]
},
{
"product": "750-885",
"vendor": "WAGO",
"versions": [
{
"status": "affected",
"version": "FW1\u003c=FW10"
}
]
},
{
"product": "750-889",
"vendor": "WAGO",
"versions": [
{
"status": "affected",
"version": "FW1\u003c=FW10"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "These vulnerabilities were reported to WAGO by: William Knowles, Applied Risk. Coordination done by CERT@VDE."
}
],
"datePublic": "2020-12-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Older firmware versions (FW1 up to FW10) of the WAGO PLC family 750-88x and 750-352 are vulnerable for a special denial of service attack."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400 Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-12-22T21:14:49",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-308-01"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert.vde.com/en-us/advisories/vde-2020-042"
}
],
"solutions": [
{
"lang": "en",
"value": "Update the device to the latest FW version."
}
],
"source": {
"advisory": "VDE-2020-042",
"defect": [
"VDE-2020-042"
],
"discovery": "UNKNOWN"
},
"title": "WAGO: PLC families 750-88x and 750-352 prone to DoS attack",
"workarounds": [
{
"lang": "en",
"value": "Restrict network access to the device.\nDo not directly connect the device to the internet\nDisable unused TCP/UDP-ports"
}
],
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"AKA": "",
"ASSIGNER": "info@cert.vde.com",
"DATE_PUBLIC": "2020-12-09T09:00:00.000Z",
"ID": "CVE-2020-12516",
"STATE": "PUBLIC",
"TITLE": "WAGO: PLC families 750-88x and 750-352 prone to DoS attack"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "750-331/xxx-xxx",
"version": {
"version_data": [
{
"version_value": "FW1\u003c=FW10"
}
]
}
},
{
"product_name": "750-352",
"version": {
"version_data": [
{
"version_value": "FW1\u003c=FW10"
}
]
}
},
{
"product_name": "750-829",
"version": {
"version_data": [
{
"version_value": "FW1\u003c=FW10"
}
]
}
},
{
"product_name": "750-831/xxx-xxx",
"version": {
"version_data": [
{
"version_value": "FW1\u003c=FW10"
}
]
}
},
{
"product_name": "750-852",
"version": {
"version_data": [
{
"version_value": "FW1\u003c=FW10"
}
]
}
},
{
"product_name": "750-880/xxx-xxx",
"version": {
"version_data": [
{
"version_value": "FW1\u003c=FW10"
}
]
}
},
{
"product_name": "750-881",
"version": {
"version_data": [
{
"version_value": "FW1\u003c=FW10"
}
]
}
},
{
"product_name": "750-882",
"version": {
"version_data": [
{
"version_value": "FW1\u003c=FW10"
}
]
}
},
{
"product_name": "750-885",
"version": {
"version_data": [
{
"version_value": "FW1\u003c=FW10"
}
]
}
},
{
"product_name": "750-889",
"version": {
"version_data": [
{
"version_value": "FW1\u003c=FW10"
}
]
}
}
]
},
"vendor_name": "WAGO"
}
]
}
},
"configuration": [],
"credit": [
{
"lang": "eng",
"value": "These vulnerabilities were reported to WAGO by: William Knowles, Applied Risk. Coordination done by CERT@VDE."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Older firmware versions (FW1 up to FW10) of the WAGO PLC family 750-88x and 750-352 are vulnerable for a special denial of service attack."
}
]
},
"exploit": [],
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-400 Uncontrolled Resource Consumption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://us-cert.cisa.gov/ics/advisories/icsa-20-308-01",
"refsource": "MISC",
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-308-01"
},
{
"name": "https://cert.vde.com/en-us/advisories/vde-2020-042",
"refsource": "CONFIRM",
"url": "https://cert.vde.com/en-us/advisories/vde-2020-042"
}
]
},
"solution": [
{
"lang": "en",
"value": "Update the device to the latest FW version."
}
],
"source": {
"advisory": "VDE-2020-042",
"defect": [
"VDE-2020-042"
],
"discovery": "UNKNOWN"
},
"work_around": [
{
"lang": "en",
"value": "Restrict network access to the device.\nDo not directly connect the device to the internet\nDisable unused TCP/UDP-ports"
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2020-12516",
"datePublished": "2020-12-10T03:04:17.186342Z",
"dateReserved": "2020-04-30T00:00:00",
"dateUpdated": "2024-09-16T22:14:10.360Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}