Vulnerability Details CVE-2021-20994
In multiple managed switches by WAGO in different versions an attacker may trick a legitimate user to click a link to inject possible malicious code into the Web-Based Management.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 59.4%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 4.3
References
Products affected by CVE-2021-20994
-
cpe:2.3:h:wago:0852-0303:-
-
cpe:2.3:h:wago:0852-1305/000-001:-
-
cpe:2.3:h:wago:0852-1305:-
-
cpe:2.3:h:wago:0852-1505/000-001:-
-
cpe:2.3:h:wago:0852-1505:-
-
cpe:2.3:o:wago:0852-0303_firmware:-
-
cpe:2.3:o:wago:0852-0303_firmware:1.2.3.s0
-
cpe:2.3:o:wago:0852-1305/000-001_firmware:-
-
cpe:2.3:o:wago:0852-1305/000-001_firmware:1.0.4.s0
-
cpe:2.3:o:wago:0852-1305_firmware:-
-
cpe:2.3:o:wago:0852-1305_firmware:1.1.7.s0
-
cpe:2.3:o:wago:0852-1505/000-001_firmware:-
-
cpe:2.3:o:wago:0852-1505/000-001_firmware:1.0.4.s0
-
cpe:2.3:o:wago:0852-1505_firmware:-
-
cpe:2.3:o:wago:0852-1505_firmware:1.1.6.s0