VDE-2020-029
Last update: 14.05.2025 15:00
Published at: 30.09.2020 13:11
Vendor(s): WAGO GmbH & Co. KG
External ID: VDE-2020-029
CSAF Document
Summary
The Web-Based Management (WBM) of WAGO's programmable logic controllers (PLCs) is typically used for administration, commissioning and updates.
The SNMP configuration page of the device is vulnerable to a persistent (stored) XSS (Cross-Site Scripting) attack.
Impact
An attacker needs an authorized login on the device in order to store malicious scripts via the SNMP configuration page. Because the script is persisted in the configuration, it is executed in the browser of any user who later opens that page. This can be used to install malicious code and to gain access to confidential information.
Affected Product(s)
| Model no. | Product name | Affected versions |
|---|---|---|
| 750-352 | 750-352 | Firmware <=FW13 |
| 750-362 | 750-362 | Firmware <=FW03 |
| 750-363 | 750-363 | Firmware <=FW03 |
| 750-823 | 750-823 | Firmware <=FW03 |
| 750-831/xxx-xxx | 750-831/xxx-xxx | Firmware <=FW13 |
| 750-832/xxx-xxx | 750-832/xxx-xxx | Firmware <=FW03 |
| 750-852 | 750-852 | Firmware <=FW13 |
| 750-862 | 750-862 | Firmware <=FW03 |
| 750-880/xxx-xxx | 750-880/xxx-xxx | Firmware <=FW13 |
| 750-881 | 750-881 | Firmware <=FW13 |
| 750-889 | 750-889 | Firmware <=FW13 |
| 750-890/0xx-xxx | 750-890/0xx-xxx | Firmware <=FW03 |
| 750-891 | 750-891 | Firmware <=FW03 |
Vulnerabilities
Published: 22.09.2025 14:57
Severity
Weakness
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') (CWE-79)
Summary
WAGO 750-88X and WAGO 750-89X Ethernet Controller devices, versions 01.09.18(13) and before, have XSS in the SNMP configuration via the webserv/cplcfg/snmp.ssi SNMP_DESC or SNMP_LOC_SNMP_CONT field.
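The weakness above (CWE-79) is a stored value from a configuration form being written back into the generated page without output encoding. The following Python snippet is an added illustration and not WAGO's firmware code; the field names are taken from the advisory, while the page template, the sample values and the allowlist pattern are assumptions constructed for the example. It contrasts the verbatim interpolation that causes the weakness with an HTML-escaped rendering, and adds a small audit helper a defender can run over an exported SNMP configuration to find already-stored markup on devices that have not yet been updated.

```python
import html
import re

# Constructed sample values as they might be stored in the SNMP configuration.
# The second value contains markup; it is a constructed test value, not a
# payload taken from the advisory.
SAMPLE_CONFIG = {
    "SNMP_DESC": "Line 3 controller",
    "SNMP_LOC_SNMP_CONT": '<script>alert("stored")</script>',
}

# Assumed page template: the stored value lands inside an HTML attribute.
PAGE_TEMPLATE = '<input name="{field}" value="{value}">'


def render_unsafe(field: str, value: str) -> str:
    """Interpolates the stored value verbatim: the CWE-79 pattern.

    Whatever was saved into the field is emitted as part of the page, so
    stored markup becomes live markup for every later visitor of the page.
    """
    return PAGE_TEMPLATE.format(field=field, value=value)


def render_safe(field: str, value: str) -> str:
    """Encodes the stored value for the attribute context before interpolation.

    html.escape with quote=True converts <, >, &, " and ' so the browser treats
    the value as text, never as tags or as an attribute terminator.
    """
    return PAGE_TEMPLATE.format(field=field, value=html.escape(value, quote=True))


# Assumed allowlist for description / location / contact fields: printable
# characters that such fields legitimately need, without any markup characters.
_ALLOWED = re.compile(r"^[A-Za-z0-9 ._,@()/:\-]{0,255}$")


def validate_field(value: str) -> bool:
    """Input-side check: True if the value only contains allowlisted characters."""
    return bool(_ALLOWED.match(value))


def audit_config(config: dict) -> list:
    """Returns the names of fields whose stored values fail the allowlist.

    Useful as a defender's check over an exported configuration: a non-empty
    result means markup is already persisted and should be reviewed and cleaned
    before or alongside the firmware update.
    """
    return [field for field, value in config.items() if not validate_field(value)]


if __name__ == "__main__":
    for field, value in SAMPLE_CONFIG.items():
        print("unsafe:", render_unsafe(field, value))
        print("safe:  ", render_safe(field, value))
    print("fields with stored markup:", audit_config(SAMPLE_CONFIG))
```

Output encoding (`render_safe`) is the fix for the weakness itself; the allowlist is defence in depth and doubles as an audit of what is already stored. Encoding must match the context in which the value is emitted (attribute, element body, script), so a template engine with automatic context-aware escaping is preferable to hand-placed `html.escape` calls in a larger code base.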
References
Mitigation
- Restrict network access to the device.
- Use strong passwords.
- Do not directly connect the device to the internet.
- Disable unused TCP/UDP ports.
Remediation
Update the affected devices to the fixed firmware versions listed below.

| Product | Fixed Versions |
|---|---|
| 750-362 | FW05 |
| 750-363 | FW05 |
| 750-823 | FW05 |
| 750-832/xxx-xxx | FW05 |
| 750-862 | FW05 |
| 750-891 | FW05 |
| 750-890/xxx-xxx | FW05 |
| 750-352 | FW14 |
| 750-831/xxx-xxx | FW14 |
| 750-852 | FW14 |
| 750-880/xxx-xxx | FW14 |
| 750-881 | FW14 |
| 750-889 | FW14 |
Revision History
| Version | Date | Summary |
|---|---|---|
| 1 | 30.09.2020 13:11 | Initial revision |
| 2 | 10.04.2025 15:00 | Fixed CSAF reference URL |
| 3 | 14.05.2025 15:00 | Fix: added distribution |