What is CVE-2024-1490?

CVE-2024-1490 is a high-severity vulnerability in Wago Cc100 (0751-9x01), classified under Code Injection. CVSS score: 7.2/10. Published 2026-04-09.

How severe is CVE-2024-1490?

High severity. CVSS v3 base score is 7.2 out of 10.

RCE in Wago Cc100 (0751-9x01)

CVE-2024-1490

An authenticated remote attacker with high privileges can exploit the OpenVPN configuration via the web-based management interface of a WAGO PLC. If user-defined scripts are permitted, OpenVPN may allow the execution of arbitrary shell com…

Vulnerability class: RCE (Remote Code Execution)

EPSS: 0.001 (28.0th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.2 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H.

Affected products

Wago Cc100 (0751-9x01) — versions 0.0.0
Wago Edge Controller (0752-8303-8000-0002) — versions 0.0.0
Wago Pfc100 G1 (0750-810-xxxx-xxxx) — versions 0.0.0
Wago Pfc100 G2 (0750-811x-xxxx-xxxx) — versions 0.0.0
Wago Pfc200 G1 (750-820x-xxxx-xxxx) — versions 0.0.0
Wago Pfc200 G2 (750-821x-xxxx-xxxx) — versions 0.0.0
Wago Tp600 (0762-420x-8000-000x) — versions 0.0.0
Wago Tp600 (0762-430x-8000-000x) — versions 0.0.0
Wago Tp600 (0762-520x-8000-000x) — versions 0.0.0
Wago Tp600 (0762-530x-8000-000x) — versions 0.0.0

Weakness classification (CWE)

CWE-94 — Code Injection

References

Frequently asked questions

What is CVE-2024-1490?: CVE-2024-1490 is a high-severity vulnerability in Wago Cc100 (0751-9x01), classified under Code Injection. CVSS score: 7.2/10. Published 2026-04-09.
How severe is CVE-2024-1490?: High severity. CVSS v3 base score is 7.2 out of 10.