cbcvebase.
CVE-2025-25265
published 2025-06-16

CVE-2025-25265: A web application for configuring the controller is accessible at a specific path. It contains an endpoint that allows a high privileged remote attacker to…

medium4.9CVSS 3.1
AVNACLPRHUINSUCHINAN
A web application for configuring the controller is accessible at a specific path. It contains an endpoint that allows a high privileged remote attacker to read files from the system’s file structure.

Affected

24 ranges
VendorProductVersion rangeFixed in
msrccbl2_kernel_5.15.26.1-1_on_cbl_mariner_2.0
msrccm1_kernel_5.10.102.1-1_on_cbl_mariner_1.0
wagocc100_0751-9x01>= 0.0.0 < 04.07.01 (70)04.07.01 (70)
wagoedge_controller_0752-8303_8000-0002>= 0.0.0 < 04.07.01 (FW29)04.07.01 (FW29)
wagoedge_controller_0752-8303_8000-0002>= 0.0.0 < 04.07.01 (70)04.07.01 (70)
wagopfc100_g1_0750-810x_xxxx-xxxx>= 0.0.0 < 3.10.11 (FW22 Patch 2)3.10.11 (FW22 Patch 2)
wagopfc100_g2_0750-811x-xxxx-xxxx>= 0.0.0 < 04.07.01 (FW29)04.07.01 (FW29)
wagopfc100_g2_0750-811x-xxxx-xxxx>= 0.0.0 < 04.07.01 (70)04.07.01 (70)
wagopfc200_g1_750-820x-xxx-xxx>= 0.0.0 < 3.10.11 (FW22 Patch 2)3.10.11 (FW22 Patch 2)
wagopfc200_g2_750-821x-xxx-xxx>= 0.0.0 < 04.07.01 (FW29)04.07.01 (FW29)
wagopfc200_g2_750-821x-xxx-xxx>= 0.0.0 < 04.07.01 (70)04.07.01 (70)
wagotp600_0762-420x_8000-000x>= 0.0.0 < 04.07.01 (FW29)04.07.01 (FW29)
wagotp600_0762-420x_8000-000x>= 0.0.0 < 04.07.01 (70)04.07.01 (70)
wagotp600_0762-430x_8000-000x>= 0.0.0 < 04.07.01 (FW29)04.07.01 (FW29)
wagotp600_0762-430x_8000-000x>= 0.0.0 < 04.07.01 (70)04.07.01 (70)
wagotp600_0762-520x_8000-000x>= 0.0.0 < 04.07.01 (FW29)04.07.01 (FW29)
wagotp600_0762-520x_8000-000x>= 0.0.0 < 04.07.01 (70)04.07.01 (70)
wagotp600_0762-530x_8000-000x>= 0.0.0 < 04.07.01 (FW29)04.07.01 (FW29)
wagotp600_0762-530x_8000-000x>= 0.0.0 < 04.07.01 (70)04.07.01 (70)
wagotp600_0762-620x_8000-000x>= 0.0.0 < 04.07.01 (FW29)04.07.01 (FW29)
wagotp600_0762-620x_8000-000x>= 0.0.0 < 04.07.01 (70)04.07.01 (70)
wagotp600_0762-630x_8000-000x>= 0.0.0 < 04.07.01 (FW29)04.07.01 (FW29)
wagotp600_0762-630x_8000-000x>= 0.0.0 < 04.07.01 (70)04.07.01 (70)
wagowago_cc100_0751-9x01>= 0.0.0 < 04.07.01 (FW29)04.07.01 (FW29)