GCVE - cpe:2.3:h:wago:762-5206\/8000-001:-:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:h:wago:762-5206\/8000-001:-:*:*:*:*:*:*:*

part: h version: - update: *

Vendor	Wago (`32ab7757-de27-5378-a269-9c7ac714c35b`)
Product	762 5206/8000 001 (`8ab89521-d83d-519f-b1dd-c03ee982d2a9`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2022-3281`	not_vulnerable	2026-06-03 14:47:52.837985	WAGO: multiple products - Loss of MAC-Address-Filtering after reboot HIGH (7.5) WAGO Series PFC100/PFC200, Series Touch Panel 600, Compact Controller CC100 and Edge Controller in multiple versions are prone to a loss of MAC-Address-Filtering after reboot. This may allow an remote attacker to circumvent the reach the network that should be protected by the MAC address filter. Published: 2022-10-17T08:20:12.389Z Updated: 2025-05-10T02:56:32.932Z Open on db.gcve.eu Reference links https://cert.vde.com/en/advisories/VDE-2022-042/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2022-22511`	not_vulnerable	2026-06-03 14:46:24.389734	WAGO PLCs WBM vulnerable to reflected XSS MEDIUM (5.4) Various configuration pages of the device are vulnerable to reflected XSS (Cross-Site Scripting) attacks. An authorized attacker with user privileges may use this to gain access to confidential information on a PC that connects to the WBM after it has been compromised. Published: 2022-03-09T19:38:43.516Z Updated: 2024-09-17T00:16:00.059Z Open on db.gcve.eu Reference links https://cert.vde.com/en/advisories/VDE-2022-004/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2021-34569`	not_vulnerable	2026-06-03 14:44:45.586557	WAGO I/O-Check Service prone to Out-of-bounds Write CRITICAL (9.8) In WAGO I/O-Check Service in multiple products an attacker can send a specially crafted packet containing OS commands to crash the diagnostic tool and write memory. Published: 2022-11-09T15:17:36.366Z Updated: 2025-05-01T19:17:39.712Z Open on db.gcve.eu Reference links https://cert.vde.com/en/advisories/VDE-2020-036/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2021-34568`	not_vulnerable	2026-06-03 14:44:45.578793	WAGO I/O-Check Service prone to Allocation of Resources Without Limits or Throttling HIGH (7.5) In WAGO I/O-Check Service in multiple products an unauthenticated remote attacker can send a specially crafted packet containing OS commands to provoke a denial of service. Published: 2022-11-09T15:17:29.795Z Updated: 2025-05-01T14:20:17.218Z Open on db.gcve.eu Reference links https://cert.vde.com/en/advisories/VDE-2020-036/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2021-34567`	not_vulnerable	2026-06-03 14:44:45.572087	WAGO I/O-Check Service prone to Out-of-bounds Read HIGH (8.2) In WAGO I/O-Check Service in multiple products an unauthenticated remote attacker can send a specially crafted packet containing OS commands to provoke a denial of service and an limited out-of-bounds read. Published: 2022-11-09T15:17:23.429Z Updated: 2025-05-01T14:20:39.270Z Open on db.gcve.eu Reference links https://cert.vde.com/en/advisories/VDE-2020-036/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2021-34566`	not_vulnerable	2026-06-03 14:44:45.534899	WAGO I/O-Check Service prone to Memory Overflow CRITICAL (9.1) In WAGO I/O-Check Service in multiple products an unauthenticated remote attacker can send a specially crafted packet containing OS commands to crash the iocheck process and write memory resulting in loss of integrity and DoS. Published: 2022-11-09T15:17:14.172Z Updated: 2025-05-01T14:21:10.643Z Open on db.gcve.eu Reference links https://cert.vde.com/en/advisories/VDE-2020-036/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2020-12069`	not_vulnerable	2026-06-03 14:41:33.313990	CODESYS V3 prone to Inadequate Password Hashing HIGH (7.8) In CODESYS V3 products in all versions prior V3.5.16.0 containing the CmpUserMgr, the CODESYS Control runtime system stores the online communication passwords using a weak hashing algorithm. This can be used by a local attacker with low privileges to gain full control of the device. Published: 2022-12-26T00:00:00.000Z Updated: 2025-04-14T16:17:54.368Z Open on db.gcve.eu Reference links https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=12943&token=d097958a67ba382de688916f77e3013c0802fade&download= https://cert.vde.com/en/advisories/VDE-2021-061/ https://cert.vde.com/en/advisories/VDE-2022-031/ https://cert.vde.com/en/advisories/VDE-2022-022/	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.