2 results (0.001 seconds)

CVSS: 7.5EPSS: 0%CPEs: 36EXPL: 0

Uncontrolled resource consumption in Series WAGO 750-3x/-8x products may allow an unauthenticated remote attacker to DoS the MODBUS server with specially crafted packets. • https://cert.vde.com/en/advisories/VDE-2023-005 • CWE-400: Uncontrolled Resource Consumption CWE-772: Missing Release of Resource after Effective Lifetime •

CVSS: 9.8EPSS: 0%CPEs: 24EXPL: 0

This vulnerability allows an attacker who has access to the WBM to read and write settings-parameters of the device by sending specifically constructed requests without authentication on multiple WAGO PLCs in firmware versions up to FW07. Esta vulnerabilidad permite a un atacante que tenga acceso al WBM leer y escribir parámetros de configuración del dispositivo mediante el envío de peticiones específicamente construidas sin autenticación en múltiples PLCs de WAGO en versiones del firmware hasta FW07 • https://cert.vde.com/en-us/advisories/vde-2020-044 • CWE-287: Improper Authentication •