Wago Solution Builder vulnerabilities

CVE-2026-2328 [HIGH] CWE-790 CVE-2026-2328: An unauthenticated remote attacker can exploit insufficient input validation to access backend compo An unauthenticated remote attacker can exploit insufficient input validation to access backend components beyond their intended scope via path traversal, resulting in exposure of sensitive information.

CVE-2025-41715 [CRITICAL] CWE-306 CVE-2025-41715: The database for the web application is exposed without authentication, allowing an unauthenticated The database for the web application is exposed without authentication, allowing an unauthenticated remote attacker to gain unauthorized access and potentially compromise it.

CVE-2025-41716 [MEDIUM] CWE-306 CVE-2025-41716: The web application allows an unauthenticated remote attacker to learn information about existing us The web application allows an unauthenticated remote attacker to learn information about existing user accounts with their corresponding role due to missing authentication for critical function.