WAGO Device Manager Unauthenticated File Read Vulnerability

Vulnerability

A vulnerability exists in the WAGO Device Manager web application, which is used for configuring WAGO products. The issue allows unauthenticated remote attackers to read files from the system's file structure. This vulnerability arises because the application has an endpoint that can be accessed without authentication, enabling unauthorized access to sensitive files.

Impact

Exploitation of this vulnerability could lead to unauthorized access to the file system, allowing attackers to read sensitive files and potentially exploit other vulnerabilities or misconfigurations on the device.

Remediation

Users are advised to update to WAGO Device Manager firmware version 04.07.01 (FW29) or 03.10.11 (FW22 Patch 2). For the latest custom firmware, please contact WAGO support.

Added: Jun 16, 2025, 10:21 AM
Updated: Jun 16, 2025, 12:48 PM

Vulnerability Rating

Custom Algorithm
spread: 2.6
impact: 0.6
exploitability: 7.0
remediation: 7.7
relevance: 0.2
threat: 0.0
urgency: 2.9
incentive: 5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.