750 8217 Firmware

750-8217_firmware

Vendor: Wago • 23 CVEs

CVEs (23)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2023-1620 1Wago 76750 331 Firmware 750 8202/000 011 Firmware750 8202/000 012 Firmware+73 more Nov 21, 2024 Jun 26, 2023 N/A· v4 4.9 MEDIUM· v3 N/A· v2 Multiple WAGO devices in multiple versions may allow an authenticated remote attacker with high privileges to DoS the device by sending a specifically crafted packet to the CODESYS V2 runtime.
CVE-2023-1619 1Wago 76750 331 Firmware 750 8202/000 011 Firmware750 8202/000 012 Firmware+73 more Nov 21, 2024 Jun 26, 2023 N/A· v4 4.9 MEDIUM· v3 N/A· v2 Multiple WAGO devices in multiple versions may allow an authenticated remote attacker with high privileges to DoS the device by sending a malformed packet.
CVE-2020-12069 4Codesys FestoPilz+1 more 64750 8100 Firmware 750 8101 Firmware750 8102 Firmware+61 more May 5, 2025 Dec 26, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 In CODESYS V3 products in all versions prior V3.5.16.0 containing the CmpUserMgr, the CODESYS Control runtime system stores the online communication passwords using a weak hashing algorithm. This can be used by a local a...Show more In CODESYS V3 products in all versions prior V3.5.16.0 containing the CmpUserMgr, the CODESYS Control runtime system stores the online communication passwords using a weak hashing algorithm. This can be used by a local attacker with low privileges to gain full control of the device.Show less
CVE-2022-3281 1Wago 78750 8100 Firmware 750 8101/000 010 Firmware750 8101/025 000 Firmware+75 more Nov 21, 2024 Oct 17, 2022 N/A· v4 7.5 HIGH· v3 N/A· v2 WAGO Series PFC100/PFC200, Series Touch Panel 600, Compact Controller CC100 and Edge Controller in multiple versions are prone to a loss of MAC-Address-Filtering after reboot. This may allow an remote attacker to circumv...Show more WAGO Series PFC100/PFC200, Series Touch Panel 600, Compact Controller CC100 and Edge Controller in multiple versions are prone to a loss of MAC-Address-Filtering after reboot. This may allow an remote attacker to circumvent the reach the network that should be protected by the MAC address filter.Show less
CVE-2021-34596 2Codesys Wago 30750 8202 Firmware 750 8203 Firmware750 8204 Firmware+27 more Aug 15, 2025 Oct 26, 2021 N/A· v4 6.5 MEDIUM· v3 4.0 MEDIUM· v2 A crafted request may cause a read access to an uninitialized pointer in CODESYS V2 Runtime Toolkit 32 Bit full and PLCWinNT prior to versions V2.4.7.56, resulting in a denial-of-service condition.
CVE-2021-34595 2Codesys Wago 30750 8202 Firmware 750 8203 Firmware750 8204 Firmware+27 more Aug 15, 2025 Oct 26, 2021 N/A· v4 8.1 HIGH· v3 5.5 MEDIUM· v2 A crafted request with invalid offsets may cause an out-of-bounds read or write access in CODESYS V2 Runtime Toolkit 32 Bit full and PLCWinNT prior to versions V2.4.7.56, resulting in a denial-of-service condition or loc...Show more A crafted request with invalid offsets may cause an out-of-bounds read or write access in CODESYS V2 Runtime Toolkit 32 Bit full and PLCWinNT prior to versions V2.4.7.56, resulting in a denial-of-service condition or local memory overwrite.Show less
CVE-2021-34593 2Codesys Wago 15750 8202 Firmware 750 8203 Firmware750 8204 Firmware+12 more Aug 15, 2025 Oct 26, 2021 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 In CODESYS V2 Runtime Toolkit 32 Bit full and PLCWinNT prior to versions V2.4.7.56 unauthenticated crafted invalid requests may result in several denial-of-service conditions. Running PLC programs may be stopped, memory...Show more In CODESYS V2 Runtime Toolkit 32 Bit full and PLCWinNT prior to versions V2.4.7.56 unauthenticated crafted invalid requests may result in several denial-of-service conditions. Running PLC programs may be stopped, memory may be leaked, or further communication clients may be blocked from accessing the PLC.Show less
CVE-2021-34586 2Codesys Wago 28750 8202 Firmware 750 8203 Firmware750 8204 Firmware+25 more Aug 15, 2025 Oct 26, 2021 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 In the CODESYS V2 web server prior to V1.1.9.22 crafted web server requests may cause a Null pointer dereference in the CODESYS web server and may result in a denial-of-service condition.
CVE-2021-34585 2Codesys Wago 28750 8202 Firmware 750 8203 Firmware750 8204 Firmware+25 more Aug 15, 2025 Oct 26, 2021 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 In the CODESYS V2 web server prior to V1.1.9.22 crafted web server requests can trigger a parser error. Since the parser result is not checked under all conditions, a pointer dereference with an invalid address can occur...Show more In the CODESYS V2 web server prior to V1.1.9.22 crafted web server requests can trigger a parser error. Since the parser result is not checked under all conditions, a pointer dereference with an invalid address can occur. This leads to a denial of service situation.Show less
CVE-2021-34584 2Codesys Wago 28750 8202 Firmware 750 8203 Firmware750 8204 Firmware+25 more Aug 15, 2025 Oct 26, 2021 N/A· v4 9.1 CRITICAL· v3 6.4 MEDIUM· v2 Crafted web server requests can be utilised to read partial stack or heap memory or may trigger a denial-of- service condition due to a crash in the CODESYS V2 web server prior to V1.1.9.22.
CVE-2021-34583 2Codesys Wago 28750 8202 Firmware 750 8203 Firmware750 8204 Firmware+25 more Aug 15, 2025 Oct 26, 2021 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 Crafted web server requests may cause a heap-based buffer overflow and could therefore trigger a denial-of- service condition due to a crash in the CODESYS V2 web server prior to V1.1.9.22.
CVE-2021-30195 2Codesys Wago 29750 8202 Firmware 750 8203 Firmware750 8204 Firmware+26 more Aug 15, 2025 May 25, 2021 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 CODESYS V2 runtime system before 2.4.7.55 has Improper Input Validation.
CVE-2021-30194 2Codesys Wago 28750 8202 Firmware 750 8203 Firmware750 8204 Firmware+25 more Aug 15, 2025 May 25, 2021 N/A· v4 9.1 CRITICAL· v3 6.4 MEDIUM· v2 CODESYS V2 Web-Server before 1.1.9.20 has an Out-of-bounds Read.
CVE-2021-30193 2Codesys Wago 28750 8202 Firmware 750 8203 Firmware750 8204 Firmware+25 more Aug 15, 2025 May 25, 2021 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 CODESYS V2 Web-Server before 1.1.9.20 has an Out-of-bounds Write.
CVE-2021-30192 2Codesys Wago 28750 8202 Firmware 750 8203 Firmware750 8204 Firmware+25 more Aug 15, 2025 May 25, 2021 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 CODESYS V2 Web-Server before 1.1.9.20 has an Improperly Implemented Security Check.
CVE-2021-30191 2Codesys Wago 28750 8202 Firmware 750 8203 Firmware750 8204 Firmware+25 more Aug 15, 2025 May 25, 2021 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 CODESYS V2 Web-Server before 1.1.9.20 has a a Buffer Copy without Checking the Size of the Input.
CVE-2021-30190 2Codesys Wago 28750 8202 Firmware 750 8203 Firmware750 8204 Firmware+25 more Aug 15, 2025 May 25, 2021 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 CODESYS V2 Web-Server before 1.1.9.20 has Improper Access Control.
CVE-2021-30189 2Codesys Wago 28750 8202 Firmware 750 8203 Firmware750 8204 Firmware+25 more Aug 15, 2025 May 25, 2021 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 CODESYS V2 Web-Server before 1.1.9.20 has a Stack-based Buffer Overflow.
CVE-2021-30188 2Codesys Wago 28750 8202 Firmware 750 8203 Firmware750 8204 Firmware+25 more Aug 15, 2025 May 25, 2021 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 CODESYS V2 runtime system SP before 2.4.7.55 has a Stack-based Buffer Overflow.
CVE-2021-30186 2Codesys Wago 29750 8202 Firmware 750 8203 Firmware750 8204 Firmware+26 more Aug 15, 2025 May 25, 2021 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 CODESYS V2 runtime system SP before 2.4.7.55 has a Heap-based Buffer Overflow.

12 Next