WAGO Industrial-Managed Switches Stack Buffer Overflow Vulnerability Allowing Remote Code Execution

Vulnerability

A stack buffer overflow vulnerability has been identified in WAGO Industrial-Managed Switches models 0852-1322 and 0852-1328 running firmware prior to 02.64. Unsafe input handling in the check_cookie() function allows an unauthenticated remote attacker to write arbitrary data into fixed-size stack buffers. The lighttpd binary used in these switches lacks modern security features, which increases the risk of exploitation. The vulnerability could be exploited to execute arbitrary code on the device, potentially leading to a full device compromise.
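
The class of fix for this kind of bug, as an added illustration that is not code from the WAGO firmware or from the advisory: a cookie value is length-checked before it is copied into a fixed-size stack buffer, and oversized input is rejected. The cookie name `session`, the 32-byte buffer and the function names `cookie_get` and `check_session` are assumptions made for the example.

```c
#include <stddef.h>
#include <string.h>

#define SESSION_MAX 32  /* assumed buffer size, not taken from the firmware */

/* Copy the value of cookie `name` from a Cookie header into `out`.
 * Returns 0 on success, -1 if the cookie is absent, -2 if it does not fit.
 * The unsafe pattern this replaces is an unbounded copy (strcpy, or
 * sscanf with a bare "%s") from request data into a stack array. */
int cookie_get(const char *header, const char *name, char *out, size_t out_len)
{
    size_t name_len = strlen(name);
    const char *p = header;

    if (out_len == 0)
        return -2;
    out[0] = '\0';

    while (*p != '\0') {
        while (*p == ' ' || *p == ';')          /* skip pair separators */
            p++;
        size_t pair_len = strcspn(p, ";");      /* one "name=value" pair */
        if (pair_len > name_len &&
            strncmp(p, name, name_len) == 0 && p[name_len] == '=') {
            size_t val_len = pair_len - name_len - 1;
            if (val_len >= out_len)             /* keep room for the NUL */
                return -2;                      /* reject, do not truncate */
            memcpy(out, p + name_len + 1, val_len);
            out[val_len] = '\0';
            return 0;
        }
        p += pair_len;
    }
    return -1;
}

/* Hypothetical caller holding the fixed-size stack buffer. */
int check_session(const char *cookie_header)
{
    char session[SESSION_MAX];
    return cookie_get(cookie_header, "session", session, sizeof session);
}
```

A request handler built this way would answer a -2 result with an error response instead of processing the cookie.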

Impact

Exploitation of this vulnerability allows for remote code execution on the affected device.

Remediation

Users are advised to update their devices to firmware version 02.64 or later.

Added: Dec 10, 2025, 11:17 AM
Updated: Dec 10, 2025, 11:17 AM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 7.5
exploitability: 7.4
remediation: 7.7
relevance: 1.4
threat: 0.0
urgency: 2.9
incentive: 5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.