Unauthenticated Access and Settings Manipulation Vulnerability in WAGO PFC200 and 750 Series

Unauthenticated Access and Settings Manipulation Vulnerability in WAGO PFC200 and 750 Series

CVE-2016-9362 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:P/A:N

An issue was discovered in WAGO 750-8202/PFC200 prior to FW04 (released August 2015), WAGO 750-881 prior to FW09 (released August 2016), and WAGO 0758-0874-0000-0111. By accessing a specific uniform resource locator (URL) on the web server, a malicious user is able to edit and to view settings without authenticating.

Learn more about our Web App Pen Testing.