Wago: >> Edge Controller Firmware >> 16 Security Vulnerabilities
Wago web-based management of multiple products has a vulnerability which allows an local authenticated attacker to change the passwords of other non-admin users and thus to escalate non-root privileges.
CVSS Score
5.3
EPSS Score
0.0
Published
2023-11-20
The vulnerability allows a remote unauthenticated attacker to download a backup file, if one exists. That backup file might contain sensitive information like credentials and cryptographic material. A valid user has to create a backup after the last reboot for this attack to be successfull.
CVSS Score
5.9
EPSS Score
0.001
Published
2023-01-19