CVE-2020-12505: Improper Authentication vulnerability in WAGO 750-8XX series with FW version <= FW07 allows an attacker to change some special parameters without…

critical9.1CVSS 3.1

AVNACLPRNUINSUCNIHAH

Improper Authentication vulnerability in WAGO 750-8XX series with FW version <= FW07 allows an attacker to change some special parameters without authentication. This issue affects: WAGO 750-852, WAGO 750-880/xxx-xxx, WAGO 750-881, WAGO 750-831/xxx-xxx, WAGO 750-882, WAGO 750-885/xxx-xxx, WAGO 750-889 in versions FW07 and below.

Affected

14 ranges

Vendor	Product	Version range	Fixed in
wago	750-831_firmware	<= fw07	—
wago	750-831_xxx-xxx	unspecified – FW07	—
wago	750-852	unspecified – FW07	—
wago	750-852_firmware	<= fw07	—
wago	750-880_firmware	<= fw07	—
wago	750-880_xxx-xxx	unspecified – FW07	—
wago	750-881	unspecified – FW07	—
wago	750-881_firmware	<= fw07	—
wago	750-882	unspecified – FW07	—
wago	750-882_firmware	<= fw07	—
wago	750-885_firmware	<= fw07	—
wago	750-885_xxx-xxx	unspecified – FW07	—
wago	750-889	unspecified – FW07	—
wago	750-889_firmware	<= fw07	—