WAGO: Vulnerabilities in Managed Switch

VDE-2026-004

Last update: 09.02.2026 09:00
Published at: 09.02.2026 09:00
Vendor(s): WAGO GmbH & Co. KG
External ID: VDE-2026-004

Summary

Several vulnerabilities have been identified in the WAGO 852‑1328 device's web‑based management interface, which is implemented using a modified lighttpd server and custom CGI binaries. These issues include multiple stack buffer overflows, an authentication bypass, and insecure credential storage.

Impact

Successful exploitation may allow remote attackers to crash the web service, execute arbitrary code, bypass authentication controls, and obtain plaintext administrative credentials.

Affected Product(s)

Model no. | Product name | Affected versions
0852-1322 | Industrial-Managed-Switch 0852-1322 | Firmware 2.64, Firmware vers:generic/<=2.64
0852-1328 | Industrial-Managed-Switch 0852-1328 | Firmware 2.64, Firmware vers:generic/<=2.64

Vulnerabilities

Published: 09.02.2026 08:38
Weakness: Use of Hard-coded Cryptographic Key (CWE-321)

Published: 09.02.2026 08:38
Weakness: Stack-based Buffer Overflow (CWE-121)

Published: 09.02.2026 08:38
Weakness: Stack-based Buffer Overflow (CWE-121)

Published: 09.02.2026 08:38
Weakness: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CWE-22)

Remediation

Please update your devices to the specified fixed firmware version 02.65.
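
To find which installed switches still need this update, an asset inventory can be checked against the affected range and the fixed version given above. The following is an added example, not code from WAGO or CERT@VDE. It assumes firmware versions are dotted integers (so "02.65" equals "2.65"), handles only a single-constraint `vers:generic/` range, and uses a constructed inventory with made-up hostnames and a made-up `OTHER-0001` model.

```python
import operator
import re

AFFECTED = {"0852-1322": "vers:generic/<=2.64", "0852-1328": "vers:generic/<=2.64"}
FIXED = "02.65"  # both values copied from the advisory above
OPS = {"<=": operator.le, "<": operator.lt, ">=": operator.ge,
       ">": operator.gt, "=": operator.eq, "!=": operator.ne}

def norm_model(model):
    # The advisory writes both 852-1328 and 0852-1328: pad the prefix to four digits.
    head, _, tail = model.strip().partition("-")
    return f"{head.zfill(4)}-{tail}"

def norm_version(text):
    # Assumption: dotted integers only; any other format is rejected, not guessed.
    m = re.fullmatch(r"[vV]?(\d+(?:\.\d+)*)", text.strip())
    if not m:
        raise ValueError(f"unrecognised version {text!r}")
    # Drop trailing ".0" groups so "2.64.0" compares equal to "2.64".
    return tuple(int(p) for p in re.sub(r"(\.0+)+$", "", m.group(1)).split("."))

def in_range(version, vers):
    # Simplified subset of the vers notation: exactly one constraint, e.g. <=2.64.
    m = re.fullmatch(r"vers:generic/(<=|>=|!=|<|>|=)?([^|]+)", vers)
    if not m:
        raise ValueError(f"unsupported range {vers!r}")
    return OPS[m.group(1) or "="](norm_version(version), norm_version(m.group(2)))

def status(model, firmware):
    # Returns affected / fixed / not-listed / review; unclear cases fail closed.
    vers = AFFECTED.get(norm_model(model))
    if vers is None:
        return "not-listed"
    try:
        if in_range(firmware, vers):
            return "affected"
        if norm_version(firmware) >= norm_version(FIXED):
            return "fixed"
    except ValueError:
        pass
    return "review"  # unparseable, or between the affected range and the fix

def triage(inventory):
    return {host: status(model, fw) for host, model, fw in inventory}

# Constructed sample inventory: (hostname, model no., reported firmware).
INVENTORY = [("sw-line1", "0852-1328", "2.64"), ("sw-line2", "852-1322", "02.63"),
             ("sw-line3", "0852-1328", "02.65"), ("sw-lab", "0852-1328", "2.64-beta"),
             ("sw-office", "OTHER-0001", "1.0")]
```

Devices reported as "review" have a version string the check cannot place with confidence and should be verified on the device itself.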

Acknowledgments

WAGO GmbH & Co. KG thanks the following parties for their efforts:

  • CERT@VDE for coordination
  • Diconium for reporting

Revision History

Version | Date | Summary
1.0.0 | 09.02.2026 09:00 | Release version.