This page lists publicly disclosed CVE vulnerabilities affecting wago edge_controller_firmware (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2023-3379 | Wago web-based management of multiple products has a vulnerability which allows an local authenticated attacker to change the passwords of other non-admin users and thus to escalate non-root privileges. | [email protected] | 5.3 | 0.04% | 2023-11-20 | 2024-11-21 |
| CVE-2023-4089 | On affected Wago products an remote attacker with administrative privileges can access files to which he has already access to through an undocumented local file inclusion. This access is logged in a different log file than expected. | [email protected] | 2.7 | 0.14% | 2023-10-17 | 2024-11-21 |
| CVE-2023-1698 | In multiple products of WAGO a vulnerability allows an unauthenticated, remote attacker to create new users and change the device configuration which can result in unintended behaviour, Denial of Service and full system compromise. | [email protected] | 9.8 | 94.03% | 2023-05-15 | 2024-11-21 |
| CVE-2022-3738 | The vulnerability allows a remote unauthenticated attacker to download a backup file, if one exists. That backup file might contain sensitive information like credentials and cryptographic material. A valid user has to create a backup after the last reboot for this attack to be successfull. | [email protected] | 5.9 | 0.30% | 2023-01-19 | 2024-11-21 |