WAGO 厂商漏洞列表 / CVE 中文分析 96

WAGO 厂商相关 96 条 CVE 漏洞，含 AI 中文分析、POC、CVSS 评分与受影响产品。

WAGO 是一家专注于工业自动化与物联网解决方案的德国厂商，其控制器及通信模块广泛应用于工厂自动化领域。截至最新统计，该厂商产品已收录 96 条 CVE。历史漏洞多涉及远程代码执行、身份认证绕过及缓冲区溢出，常因固件更新机制缺陷或默认配置不当引发。其安全特性包括支持安全启动与加密通信，但部分老旧型号因缺乏持续维护成为攻击重点，建议用户及时升级固件以修补已知风险。

CVEs 96

CVE ID	タイトル	CVSS	深刻度	公開日
CVE-2023-5872	Wago: Vulnerability in Smart Designer Web-Application — Smart DesignerCWE-203	4.3	Medium	2026-04-16
CVE-2024-1490	Wago: Vulnerability in WBM through Open VPN — CC100 (0751-9x01)CWE-94	7.2	High	2026-04-09
CVE-2026-2328	Backend Access Due to Insufficient Input Validation — Device SphereCWE-790	7.5	High	2026-03-30
CVE-2026-3587	Hidden CLI Function Allows Root Access — Lean Managed Switch 852-1812CWE-912	10.0	Critical	2026-03-23
CVE-2026-22906	Hardcoded Key Allows Credential Disclosure — 0852-1322CWE-321	9.8	Critical	2026-02-09
CVE-2026-22905	Authentication Bypass via URI Traversal — 0852-1322CWE-22	7.5	High	2026-02-09
CVE-2026-22904	Stack Overflow via Oversized Cookie Fields in lighttpd — 0852-1322CWE-121	9.8	Critical	2026-02-09
CVE-2026-22903	Stack Overflow via SESSIONID Cookie in lighttpd — 0852-1322CWE-121	9.8	Critical	2026-02-09
CVE-2022-50926	WAGO 750-8212 PFC200 G2 2ETH RS Privilege Escalation — WAGO 750-8212 PFC200CWE-565	9.8	Critical	2026-01-13
CVE-2025-41732	Stack-based buffer overflow via unsafe sscanf in check_cookie() — Indsutrial-Managed-SwitchesCWE-121	9.8	Critical	2025-12-10
CVE-2025-41730	Stack-based buffer overflow via unsafe sscanf in check_account() — Indsutrial-Managed-SwitchesCWE-121	9.8	Critical	2025-12-10
CVE-2025-41716	Unauthenticated User Enumeration via Missing Authentication — Solution BuilderCWE-306	5.3	Medium	2025-09-24
CVE-2025-41715	Missing Authentication for Database Access in Web Application — Device SphereCWE-306	9.8	Critical	2025-09-24
CVE-2025-41713	WAGO: Vulnerability in hardware switch circuit — CC100 0751-9301CWE-1188	6.5	Medium	2025-09-15
CVE-2025-41664	Improper Permission Handling Enables Unauthorized Access to Firmware and Certificates — Coupler 0750-0362CWE-732	7.5	High	2025-09-08
CVE-2025-41672	WAGO: Vulnerability in WAGO Device Sphere — Wago Device SphereCWE-1188	10.0	Critical	2025-07-07
CVE-2025-25265	Unauthenticated File Read via Web Interface — WAGO CC100 0751-9x01CWE-306	4.9	Medium	2025-06-16
CVE-2025-25264	Overly Permissive CORS Policy in WAGO Device Manager — CC100 0751-9x01CWE-942	6.5	Medium	2025-06-16
CVE-2025-1235	WAGO: Switches affected by year 2k38 problem — Fully Managed Switches 0852-0303CWE-190	4.3	Medium	2025-06-02
CVE-2025-0101	WAGO: Year 2038 problem — CC100 0751-9x01CWE-190	6.5	Medium	2025-04-16
CVE-2024-12650	Wago: Vulnerability in libwagosnmp — CC100 0751-9x01CWE-252	5.4	Medium	2025-03-05
CVE-2018-25108	WAGO: Denial of service in 750-8xx controller due to uncontrolled resource consumption — 750-8100 (Controller PFC100)CWE-770	7.5	High	2025-01-16
CVE-2024-41974	WAGO: BACNet Service Property Modification Due to Permission Misconfiguration in Multiple Devices — CC100 0751-9x01CWE-732	7.1	High	2024-11-18
CVE-2024-41973	WAGO: Remote Arbitrary File Write with Root Privileges in multiple Devices — CC100 0751-9x01CWE-35	8.1	High	2024-11-18
CVE-2024-41972	WAGO: Arbitrary File Overwrite Leading to Privileged File Read in Multiple Devices — CC100 0751-9x01CWE-35	6.5	Medium	2024-11-18
CVE-2024-41971	WAGO: Arbitrary File Overwrite in Multiple Devices — CC100 0751-9x01CWE-22	8.1	High	2024-11-18
CVE-2024-41970	WAGO: Unauthorized Diagnostic Data Exposure in Multiple Devices — CC100 0751-9x01CWE-732	5.7	Medium	2024-11-18
CVE-2024-41969	WAGO: CODESYS V3 Configuration Authentication Bypass in Multiple Devices — CC100 0751-9x01CWE-306	8.8	High	2024-11-18
CVE-2024-41967	WAGO: Boot Mode Manipulation in Multiple Devices — CC100 0751-9x01CWE-306	8.1	High	2024-11-18
CVE-2024-41968	WAGO: Docker Settings Manipulation in Multiple Devices — CC100 0751-9x01CWE-306	5.4	Medium	2024-11-18

本页汇总了 WAGO 厂商截至目前公开的全部 96 条 CVE 漏洞。每条漏洞均包含 CVSS 评分、CWE 弱点分类、受影响产品与参考链接，并附带 AI 生成的中文分析以便快速判断风险。

目標達成 すべての支援者に感謝 — 100%達成しました！

WAGO 厂商漏洞列表 / CVE 中文分析 96

目標達成すべての支援者に感謝 — 100%達成しました！