cbcvebase.
CVE-2018-16210
published 2018-10-12

CVE-2018-16210: WAGO 750-88X and WAGO 750-89X Ethernet Controller devices, versions 01.09.18(13) and before, have XSS in the SNMP configuration via the webserv/cplcfg/snmp.ssi…

medium6.1CVSS 3.1
AVNACLPRNUIRSCCLILAN
WAGO 750-88X and WAGO 750-89X Ethernet Controller devices, versions 01.09.18(13) and before, have XSS in the SNMP configuration via the webserv/cplcfg/snmp.ssi SNMP_DESC or SNMP_LOC_SNMP_CONT field.

Affected

15 ranges
VendorProductVersion rangeFixed in
wago750-352_firmware< 1414
wago750-362_firmware< 0505
wago750-363_firmware< 0505
wago750-823_firmware< 0505
wago750-831_firmware< 1414
wago750-832_firmware< 0505
wago750-852_firmware< 1414
wago750-862_firmware< 0505
wago750-880_firmware< 1414
wago750-881_firmware< 1414
wago750-889_firmware< 1414
wago750-890_firmware< 0505
wago750-891_firmware< 0505
wagowago_750-881_ethernet_controller_devices_firmware
wagowago_750-881_ethernet_controller_devices_firmware