CVE-2022-3738
published 2023-01-19CVE-2022-3738: The vulnerability allows a remote unauthenticated attacker to download a backup file, if one exists. That backup file might contain sensitive information like…
medium5.9CVSS 3.1
AVNACHPRNUINSUCHINAN
The vulnerability allows a remote unauthenticated attacker to download a backup file, if one exists. That backup file might contain sensitive information like credentials and cryptographic material. A valid user has to create a backup after the last reboot for this attack to be successfull.
Affected
14 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| wago | cc100_firmware | 16 – 22 | — |
| wago | edge_controller_firmware | 16 – 22 | — |
| wago | pfc100_firmware | 16 – 22 | — |
| wago | pfc200_firmware | 16 – 22 | — |
| wago | series_wago_pfc100 | FW16 – FW22 | — |
| wago | series_wago_pfc200 | FW16 – FW22 | — |
| wago | series_wago_touch_panel_600_advanced_line | FW16 – FW22 | — |
| wago | series_wago_touch_panel_600_marine_line | FW16 – FW22 | — |
| wago | series_wago_touch_panel_600_standard_line | FW16 – FW22 | — |
| wago | touch_panel_600_advanced_firmware | 16 – 22 | — |
| wago | touch_panel_600_marine_firmware | 16 – 22 | — |
| wago | touch_panel_600_standard_firmware | 16 – 22 | — |
| wago | wago_compact_controller_cc100 | FW16 – FW22 | — |
| wago | wago_edge_controller | FW16 – FW22 | — |