750 890 Firmware

750-890_firmware

Vendor: Wago • 23 CVEs

CVEs (23)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2023-1620 1Wago 76750 331 Firmware 750 8202/000 011 Firmware750 8202/000 012 Firmware+73 more Nov 21, 2024 Jun 26, 2023 N/A· v4 4.9 MEDIUM· v3 N/A· v2 Multiple WAGO devices in multiple versions may allow an authenticated remote attacker with high privileges to DoS the device by sending a specifically crafted packet to the CODESYS V2 runtime.
CVE-2023-1619 1Wago 76750 331 Firmware 750 8202/000 011 Firmware750 8202/000 012 Firmware+73 more Nov 21, 2024 Jun 26, 2023 N/A· v4 4.9 MEDIUM· v3 N/A· v2 Multiple WAGO devices in multiple versions may allow an authenticated remote attacker with high privileges to DoS the device by sending a malformed packet.
CVE-2023-1150 1Wago 18750 362/000 001 Firmware 750 362/040 000 Firmware750 362 Firmware+15 more Nov 21, 2024 Jun 26, 2023 N/A· v4 7.5 HIGH· v3 N/A· v2 Uncontrolled resource consumption in Series WAGO 750-3x/-8x products may allow an unauthenticated remote attacker to DoS the MODBUS server with specially crafted packets.
CVE-2021-34596 2Codesys Wago 30750 8202 Firmware 750 8203 Firmware750 8204 Firmware+27 more Aug 15, 2025 Oct 26, 2021 N/A· v4 6.5 MEDIUM· v3 4.0 MEDIUM· v2 A crafted request may cause a read access to an uninitialized pointer in CODESYS V2 Runtime Toolkit 32 Bit full and PLCWinNT prior to versions V2.4.7.56, resulting in a denial-of-service condition.
CVE-2021-34595 2Codesys Wago 30750 8202 Firmware 750 8203 Firmware750 8204 Firmware+27 more Aug 15, 2025 Oct 26, 2021 N/A· v4 8.1 HIGH· v3 5.5 MEDIUM· v2 A crafted request with invalid offsets may cause an out-of-bounds read or write access in CODESYS V2 Runtime Toolkit 32 Bit full and PLCWinNT prior to versions V2.4.7.56, resulting in a denial-of-service condition or loc...Show more A crafted request with invalid offsets may cause an out-of-bounds read or write access in CODESYS V2 Runtime Toolkit 32 Bit full and PLCWinNT prior to versions V2.4.7.56, resulting in a denial-of-service condition or local memory overwrite.Show less
CVE-2021-34586 2Codesys Wago 28750 8202 Firmware 750 8203 Firmware750 8204 Firmware+25 more Aug 15, 2025 Oct 26, 2021 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 In the CODESYS V2 web server prior to V1.1.9.22 crafted web server requests may cause a Null pointer dereference in the CODESYS web server and may result in a denial-of-service condition.
CVE-2021-34585 2Codesys Wago 28750 8202 Firmware 750 8203 Firmware750 8204 Firmware+25 more Aug 15, 2025 Oct 26, 2021 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 In the CODESYS V2 web server prior to V1.1.9.22 crafted web server requests can trigger a parser error. Since the parser result is not checked under all conditions, a pointer dereference with an invalid address can occur...Show more In the CODESYS V2 web server prior to V1.1.9.22 crafted web server requests can trigger a parser error. Since the parser result is not checked under all conditions, a pointer dereference with an invalid address can occur. This leads to a denial of service situation.Show less
CVE-2021-34584 2Codesys Wago 28750 8202 Firmware 750 8203 Firmware750 8204 Firmware+25 more Aug 15, 2025 Oct 26, 2021 N/A· v4 9.1 CRITICAL· v3 6.4 MEDIUM· v2 Crafted web server requests can be utilised to read partial stack or heap memory or may trigger a denial-of- service condition due to a crash in the CODESYS V2 web server prior to V1.1.9.22.
CVE-2021-34583 2Codesys Wago 28750 8202 Firmware 750 8203 Firmware750 8204 Firmware+25 more Aug 15, 2025 Oct 26, 2021 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 Crafted web server requests may cause a heap-based buffer overflow and could therefore trigger a denial-of- service condition due to a crash in the CODESYS V2 web server prior to V1.1.9.22.
CVE-2021-30195 2Codesys Wago 29750 8202 Firmware 750 8203 Firmware750 8204 Firmware+26 more Aug 15, 2025 May 25, 2021 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 CODESYS V2 runtime system before 2.4.7.55 has Improper Input Validation.
CVE-2021-30194 2Codesys Wago 28750 8202 Firmware 750 8203 Firmware750 8204 Firmware+25 more Aug 15, 2025 May 25, 2021 N/A· v4 9.1 CRITICAL· v3 6.4 MEDIUM· v2 CODESYS V2 Web-Server before 1.1.9.20 has an Out-of-bounds Read.
CVE-2021-30193 2Codesys Wago 28750 8202 Firmware 750 8203 Firmware750 8204 Firmware+25 more Aug 15, 2025 May 25, 2021 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 CODESYS V2 Web-Server before 1.1.9.20 has an Out-of-bounds Write.
CVE-2021-30192 2Codesys Wago 28750 8202 Firmware 750 8203 Firmware750 8204 Firmware+25 more Aug 15, 2025 May 25, 2021 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 CODESYS V2 Web-Server before 1.1.9.20 has an Improperly Implemented Security Check.
CVE-2021-30191 2Codesys Wago 28750 8202 Firmware 750 8203 Firmware750 8204 Firmware+25 more Aug 15, 2025 May 25, 2021 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 CODESYS V2 Web-Server before 1.1.9.20 has a a Buffer Copy without Checking the Size of the Input.
CVE-2021-30190 2Codesys Wago 28750 8202 Firmware 750 8203 Firmware750 8204 Firmware+25 more Aug 15, 2025 May 25, 2021 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 CODESYS V2 Web-Server before 1.1.9.20 has Improper Access Control.
CVE-2021-30189 2Codesys Wago 28750 8202 Firmware 750 8203 Firmware750 8204 Firmware+25 more Aug 15, 2025 May 25, 2021 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 CODESYS V2 Web-Server before 1.1.9.20 has a Stack-based Buffer Overflow.
CVE-2021-30188 2Codesys Wago 28750 8202 Firmware 750 8203 Firmware750 8204 Firmware+25 more Aug 15, 2025 May 25, 2021 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 CODESYS V2 runtime system SP before 2.4.7.55 has a Stack-based Buffer Overflow.
CVE-2021-30186 2Codesys Wago 29750 8202 Firmware 750 8203 Firmware750 8204 Firmware+26 more Aug 15, 2025 May 25, 2021 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 CODESYS V2 runtime system SP before 2.4.7.55 has a Heap-based Buffer Overflow.
CVE-2021-30187 2Codesys Wago 28750 8202 Firmware 750 8203 Firmware750 8204 Firmware+25 more Aug 15, 2025 May 25, 2021 N/A· v4 5.3 MEDIUM· v3 4.6 MEDIUM· v2 CODESYS V2 runtime system SP before 2.4.7.55 has Improper Neutralization of Special Elements used in an OS Command.
CVE-2021-21001 1Wago 27750 8202 Firmware 750 8203 Firmware750 8204 Firmware+24 more Aug 15, 2025 May 24, 2021 N/A· v4 6.5 MEDIUM· v3 4.0 MEDIUM· v2 On WAGO PFC200 devices in different firmware versions with special crafted packets an authorised attacker with network access to the device can access the file system with higher privileges.

12 Next