CVE-2023-4089
published 2023-10-17CVE-2023-4089: On affected Wago products an remote attacker with administrative privileges can access files to which he has already access to through an undocumented local…
low2.7CVSS 3.1
AVNACLPRHUINSUCLINAN
On affected Wago products an remote attacker with administrative privileges can access files to which he has already access to through an undocumented local file inclusion. This access is logged in a different log file than expected.
Affected
15 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| juniper | junos_os | — | — |
| wago | compact_controller_100_firmware | 19 – 26 | — |
| wago | compact_controller_cc100 | FW19 – FW26 | — |
| wago | edge_controller | FW18 – FW26 | — |
| wago | edge_controller_firmware | 18 – 26 | — |
| wago | pfc100 | FW16 – FW26 | — |
| wago | pfc100_firmware | 16 – 26 | — |
| wago | pfc200 | FW16 – FW26 | — |
| wago | pfc200_firmware | 16 – 26 | — |
| wago | touch_panel_600_advanced_firmware | 16 – 26 | — |
| wago | touch_panel_600_advanced_line | FW16 – FW26 | — |
| wago | touch_panel_600_marine_firmware | 16 – 26 | — |
| wago | touch_panel_600_marine_line | FW16 – FW26 | — |
| wago | touch_panel_600_standard_firmware | 16 – 26 | — |
| wago | touch_panel_600_standard_line | FW16 – FW26 | — |