CVEブラウザに戻る

CVE-2021-20998

CRITICAL

10.0

CVSS Severity Score

EPSS Score0.1890%

EPSS Percentile26.79th

Published2021年5月13日

Last Modified2024年11月21日

Vulnerability Description

In multiple managed switches by WAGO in different versions without authorization and with specially crafted packets it is possible to create users.

Affected Platforms (CPE)

💻

Wago

0852 0303 Firmware

<= 1.2.3.s0

💻

Wago

0852 1305 Firmware

<= 1.1.7.s0

💻

Wago

0852 1505 Firmware

<= 1.1.6.s0

💻

Wago

0852 1305\/000 001 Firmware

<= 1.0.4.s0

💻

Wago

0852 1505\/000 001 Firmware

<= 1.0.4.s0

References & Advisories

🔗 https://cert.vde.com/en-us/advisories/vde-2021-013

🔗 https://cert.vde.com/en-us/advisories/vde-2021-013

関連する脆弱性情報

CVE-2021-024810.0

This issue is not applicable to NFX NextGen Software. On NFX Series devices the use of Hard-coded Credentials in Juniper Networks ...

CVE-2021-224410.0

Vulnerability in the Hyperion Analytic Provider Services product of Oracle Hyperion (component: JAPI) and Essbase Analytic Provide...

CVE-2021-3467910.0

Thycotic Password Reset Server before 5.3.0 allows credential disclosure.

CVE-2021-224810.0

Vulnerability in the Oracle Secure Global Desktop product of Oracle Virtualization (component: Server). The supported version that...