WAGO Industrial-Managed-Switch 0852-1328
- >= 2.64, <= 2.64
An authentication bypass vulnerability has been identified in the WAGO Industrial Managed Switch models 0852-1322 and 0852-1328, both running firmware through 2.64. Because URI validation is inadequate, unauthenticated remote attackers can use path traversal sequences to gain unauthorized access to protected CGI endpoints and configuration downloads. Successful exploitation could also give access to plaintext administrative credentials.
Exploitation of this vulnerability allows for authentication bypass, granting unauthorized access to protected CGI endpoints and configuration downloads. Additionally, it enables access to plaintext administrative credentials.
Users are advised to update their devices to firmware version 02.65.
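Until the firmware is updated, requests to the switch's management interface can be reviewed for traversal sequences. The following is an added example, not code from this advisory or from WAGO: it assumes access logs in common log format from a proxy in front of the device, and the protected prefixes and sample log lines are hypothetical and constructed, since the advisory does not name the real paths.

```python
import posixpath
import re
from urllib.parse import unquote, urlsplit

# Hypothetical protected prefixes; the advisory does not name the real paths.
PROTECTED_PREFIXES = ("/cgi-bin/", "/config/")

# Constructed log lines in common log format (not real device traffic).
SAMPLE_LOG = """\
192.0.2.10 - - [01/Jan/2025:10:00:00 +0000] "GET /index.html HTTP/1.1" 200 512
192.0.2.44 - - [01/Jan/2025:10:00:05 +0000] "GET /img/../cgi-bin/status.cgi HTTP/1.1" 200 2048
192.0.2.44 - - [01/Jan/2025:10:00:09 +0000] "GET /img/%252e%252e/config/backup.cfg HTTP/1.1" 200 9000
192.0.2.10 - - [01/Jan/2025:10:00:12 +0000] "GET /img/logo..v2.png HTTP/1.1" 200 700
"""

REQUEST_RE = re.compile(r'^(\S+) .*?"(?:[A-Z]+) (\S+) HTTP/[\d.]+" (\d{3})')

def fully_decode(path, max_rounds=5):
    """Percent-decode repeatedly so double-encoded dots are exposed."""
    for _ in range(max_rounds):
        decoded = unquote(path)
        if decoded == path:
            break
        path = decoded
    return path

def inspect_request(target):
    """Return the normalized path if the target has a dot-dot segment, else None."""
    path = fully_decode(urlsplit(target).path).replace("\\", "/")
    if ".." not in path.split("/"):
        return None  # dots inside a file name are not traversal
    return posixpath.normpath(path)

def find_traversal_hits(log_text):
    """Yield (client, raw target, resolved path, hits protected prefix, status)."""
    hits = []
    for line in log_text.splitlines():
        m = REQUEST_RE.match(line)
        if not m:
            continue
        client, target, status = m.groups()
        resolved = inspect_request(target)
        if resolved is None:
            continue
        protected = (resolved + "/").startswith(PROTECTED_PREFIXES)
        hits.append((client, target, resolved, protected, int(status)))
    return hits
```

A hit whose resolved path falls under a protected prefix and whose status is 200 is the case to investigate first, since it indicates the protected resource was served.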