CVE-2023-3379 – WAGO: Improper Privilege Management in web-based management
https://notcve.org/view.php?id=CVE-2023-3379
Wago web-based management of multiple products has a vulnerability which allows an local authenticated attacker to change the passwords of other non-admin users and thus to escalate non-root privileges. La administración de múltiples productos basada en web de Wago tiene una vulnerabilidad que permite a un atacante autenticado local cambiar las contraseñas de otros usuarios que no sean administradores y así escalar privilegios no root. • https://cert.vde.com/en/advisories/VDE-2023-015 • CWE-269: Improper Privilege Management CWE-863: Incorrect Authorization •
CVE-2023-4089 – WAGO: Multiple products vulnerable to local file inclusion
https://notcve.org/view.php?id=CVE-2023-4089
On affected Wago products an remote attacker with administrative privileges can access files to which he has already access to through an undocumented local file inclusion. This access is logged in a different log file than expected. En los productos Wago afectados, un atacante remoto con privilegios administrativos puede acceder a archivos a los que ya tiene acceso a través de una inclusión de archivo local no documentada. Este acceso se registra en un archivo de registro diferente al esperado. • https://cert.vde.com/en/advisories/VDE-2023-046 • CWE-610: Externally Controlled Reference to a Resource in Another Sphere •
CVE-2023-1698 – WAGO: WBM Command Injection in multiple products
https://notcve.org/view.php?id=CVE-2023-1698
In multiple products of WAGO a vulnerability allows an unauthenticated, remote attacker to create new users and change the device configuration which can result in unintended behaviour, Denial of Service and full system compromise. • https://github.com/codeb0ss/CVE-2023-1698-PoC https://github.com/Chocapikk/CVE-2023-1698 https://github.com/thedarknessdied/WAGO-CVE-2023-1698 https://github.com/deIndra/CVE-2023-1698 https://cert.vde.com/en/advisories/VDE-2023-007 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVE-2022-45140 – WAGO: Missing Authentication for Critical Function
https://notcve.org/view.php?id=CVE-2022-45140
The configuration backend allows an unauthenticated user to write arbitrary data with root privileges to the storage, which could lead to unauthenticated remote code execution and full system compromise. • https://cert.vde.com/en/advisories/VDE-2022-060 • CWE-306: Missing Authentication for Critical Function •
CVE-2022-45139 – WAGO: Origin validation error through CORS misconfiguration
https://notcve.org/view.php?id=CVE-2022-45139
A CORS Misconfiguration in the web-based management allows a malicious third party webserver to misuse all basic information pages on the webserver. In combination with CVE-2022-45138 this could lead to disclosure of device information like CPU diagnostics. As there is just a limited amount of information readable the impact only affects a small subset of confidentiality. • https://cert.vde.com/en/advisories/VDE-2022-060 • CWE-346: Origin Validation Error •