Wago 0852-1322

6 CVEs affecting Wago 0852-1322. Latest disclosed: 2026-02-09. Critical: 5, High: 1.

Top CVEs affecting Wago 0852-1322
CVESeverityScorePublishedSummary
CVE-2026-22906Critical9.82026-02-09User credentials are stored using AES‑ECB encryption with a hardcoded key. An unauthenticated remote attacker obtaining the configuration file can decrypt and…
CVE-2026-22904Critical9.82026-02-09Improper length handling when parsing multiple cookie fields (including TRACKID) allows an unauthenticated remote attacker to send oversized cookie values and…
CVE-2026-22903Critical9.82026-02-09An unauthenticated remote attacker can send a crafted HTTP request containing an overly long SESSIONID cookie. This can trigger a stack buffer overflow in the…
CVE-2025-41732Critical9.82025-12-10An unauthenticated remote attacker can abuse unsafe sscanf calls within the check_cookie() function to write arbitrary data into fixed-size stack buffers which…
CVE-2025-41730Critical9.82025-12-10An unauthenticated remote attacker can abuse unsafe sscanf calls within the check_account() function to write arbitrary data into fixed-size stack buffers whic…
CVE-2026-22905High7.52026-02-09An unauthenticated remote attacker can bypass authentication by exploiting insufficient URI validation and using path traversal sequences (e.g., /js/../cgi-bin…