CVSS: 9.8EPSS: 5%CPEs: 32EXPL: 0CVE-2019-10712
https://notcve.org/view.php?id=CVE-2019-10712
The Web-GUI on WAGO Series 750-88x (750-330, 750-352, 750-829, 750-831, 750-852, 750-880, 750-881, 750-882, 750-884, 750-885, 750-889) and Series 750-87x (750-830, 750-849, 750-871, 750-872, 750-873) devices has undocumented service access. Los dispositivos Web-GUI de las series 750-88x (750-330, 750-352, 750-829, 750-831, 750-852, 750-880, 750-881, 750-882, 750-884, 750-885, 750-889) y 750-87x (750-830, 750-849, 750-871, 750-872, 750-873) de WAGO disponen de acceso a servicios no documentados. • http://www.securityfocus.com/bid/108482 https://cert.vde.com/de-de/advisories/vde-2019-008 https://lists.apache.org/thread.html/r0066c1e862613de402fee04e81cbe00bcd64b64a2711beb9a13c3b25%40%3Ccommits.cassandra.apache.org%3E https://lists.apache.org/thread.html/r25e25973e9577c62fd0221b4b52990851adf11cbe33036bd67d4b13d%40%3Ccommits.cassandra.apache.org%3E https://lists.apache.org/thread.html/r37eb6579fa0bf94a72b6c978e2fee96f68a2b1b3ac1b1ce60aee86cf%40%3Ccommits.cassandra.apache.org%3E https://lists.apache.org/thread.html/r386966780034aadee69ffd82d44555117c9339545b9ce990fe490a3e&# • CWE-798: Use of Hard-coded Credentials •
CVSS: 9.8EPSS: 0%CPEs: 9EXPL: 2CVE-2015-6472 – WAGO IO PLC 758-870 / 750-849 Credential Management / Privilege Separation
https://notcve.org/view.php?id=CVE-2015-6472
WAGO IO 750-849 01.01.27 and 01.02.05, WAGO IO 750-881, and WAGO IO 758-870 have weak credential management. WAGO IO 750-849 01.01.27 y 01.02.05, WAGO IO 750-881, y WAGO IO 758-870 tienen una gestión de credenciales débil. WAGO IO PLC versions 758-870 and 750-849 suffer from weak credential management, lack of privilege separation, insecure ftp configuration, and weak filesystem permissions. • http://packetstormsecurity.com/files/136077/WAGO-IO-PLC-758-870-750-849-Credential-Management-Privilege-Separation.html http://seclists.org/fulldisclosure/2016/Mar/4 http://www.securityfocus.com/bid/84138 • CWE-255: Credentials Management Errors •
CVSS: 10.0EPSS: 0%CPEs: 5EXPL: 2CVE-2015-6473 – WAGO IO PLC 758-870 / 750-849 Credential Management / Privilege Separation
https://notcve.org/view.php?id=CVE-2015-6473
WAGO IO 750-849 01.01.27 and WAGO IO 750-881 01.02.05 do not contain privilege separation. WAGO IO 750-849 01.01.27 y WAGO IO 750-881 01.02.05 no contienen separación de privilegios. WAGO IO PLC versions 758-870 and 750-849 suffer from weak credential management, lack of privilege separation, insecure ftp configuration, and weak filesystem permissions. • http://packetstormsecurity.com/files/136077/WAGO-IO-PLC-758-870-750-849-Credential-Management-Privilege-Separation.html http://seclists.org/fulldisclosure/2016/Mar/4 http://www.securityfocus.com/bid/84138 • CWE-254: 7PK - Security Features •