Primary

Context

WAGO Industrial Managed Switch Stack Buffer Overflow Vulnerability Allowing Denial-of-Service and Potential Remote Code Execution

Vulnerability

A stack buffer overflow vulnerability has been identified in the WAGO Industrial Managed Switch models 0852-1322 and 0852-1328, both running firmware through 2.64. This vulnerability arises from improper length handling when parsing multiple cookie fields, including TRACKID. An unauthenticated remote attacker can exploit this by sending oversized cookie values, leading to a denial-of-service condition and possibly allowing remote code execution.

Impact

Exploitation of this vulnerability causes a denial-of-service condition by crashing the web service. Additionally, it creates a stack buffer overflow that could be leveraged for remote code execution.

Remediation

Users are advised to update their devices to firmware version 02.65.

Added: Feb 9, 2026, 8:39 AM

Updated: Feb 9, 2026, 4:32 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

6.8

remediation

0.0

relevance

2.9

threat

0.0

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

6.8

remediation

0.0

relevance

2.9

threat

0.0

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

WAGO Industrial Managed Switch Stack Buffer Overflow Vulnerability Allowing Denial-of-Service and Potential Remote Code Execution

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating