Vulnerability Details CVE-2021-20998
In multiple managed switches by WAGO in different versions without authorization and with specially crafted packets it is possible to create users.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 34.3%
CVSS Severity
CVSS v3 Score 10.0
CVSS v2 Score 7.5
References
Products affected by CVE-2021-20998
-
cpe:2.3:h:wago:0852-0303:-
-
cpe:2.3:h:wago:0852-1305/000-001:-
-
cpe:2.3:h:wago:0852-1305:-
-
cpe:2.3:h:wago:0852-1505/000-001:-
-
cpe:2.3:h:wago:0852-1505:-
-
cpe:2.3:o:wago:0852-0303_firmware:-
-
cpe:2.3:o:wago:0852-0303_firmware:1.2.3.s0
-
cpe:2.3:o:wago:0852-1305/000-001_firmware:-
-
cpe:2.3:o:wago:0852-1305/000-001_firmware:1.0.4.s0
-
cpe:2.3:o:wago:0852-1305_firmware:-
-
cpe:2.3:o:wago:0852-1305_firmware:1.1.7.s0
-
cpe:2.3:o:wago:0852-1505/000-001_firmware:-
-
cpe:2.3:o:wago:0852-1505/000-001_firmware:1.0.4.s0
-
cpe:2.3:o:wago:0852-1505_firmware:-
-
cpe:2.3:o:wago:0852-1505_firmware:1.1.6.s0