Wago: Vulnerability in WBM through Open VPN

VDE-2024-008
Last update: 04/08/2026 09:00
Published at: 04/08/2026 09:00
Vendor(s): WAGO GmbH & Co. KG
External ID: VDE-2024-008

Summary

A security vulnerability has been identified in the Web-Based Management (WBM) function when OpenVPN is enabled.

Impact

An authenticated attacker with high privileges can execute arbitrary shell commands on the affected device, potentially leading to full system compromise.

Affected Product(s)

Model no.           | Product name        | Affected versions
0750-810?-????-???? | 0750-810-xxxx-xxxx  | wago_os_linux 3.10.10, wago_os_linux <=3.10.10
0750-811?-????-???? | 0750-811x-xxxx-xxxx | wago_os_linux 4.5.10, wago_os_linux <=4.5.10
0751-9?01           | 0751-9x01           | wago_os_linux 4.5.10, wago_os_linux <=4.5.10
0752-8303/8000-0002 | 0752-8303-8000-0002 | wago_os_linux <=4.5.10, wago_os_linux 4.5.10
0762-340?           | 0762-340x           | wago_os_linux 4.5.10, wago_os_linux <=4.5.10
0762-420?-8000-000? | 0762-420x-8000-000x | wago_os_linux 4.5.10, wago_os_linux <=4.5.10
0762-430?-8000-000? | 0762-430x-8000-000x | wago_os_linux 4.5.10, wago_os_linux <=4.5.10
0762-520?-8000-000? | 0762-520x-8000-000x | wago_os_linux <=4.5.10, wago_os_linux 4.5.10
0762-530?-8000-000? | 0762-530x-8000-000x | wago_os_linux 4.5.10, wago_os_linux <=4.5.10
0762-620?-8000-000? | 0762-620x-8000-000x | wago_os_linux <=4.5.10, wago_os_linux 4.5.10
0762-630?-8000-000? | 0762-630x-8000-000x | wago_os_linux <=4.5.10, wago_os_linux 4.5.10
750-820?-????-????  | 750-820x-xxxx-xxxx  | wago_os_linux 3.10.10, wago_os_linux <=3.10.10
750-821?-????-????  | 750-821x-xxxx-xxxx  | wago_os_linux 4.5.10, wago_os_linux <=4.5.10

Vulnerabilities

Published: 04/09/2026 15:27
Weakness: Improper Control of Generation of Code ('Code Injection') (CWE-94)
Summary

Authenticated RCE via OpenVPN in WAGO PLC

Mitigation

Users can configure OpenVPN to drop its privileges. The procedure is described in section 7.1.4 of the manual "Cyber Security for Controller PFC100 / PFC200" and in the product manual.
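As an added example (not taken from the WAGO manuals or this advisory), the Python sketch below audits an OpenVPN configuration for the standard OpenVPN `user` and `group` privilege-drop directives. That the manual's procedure relies on these directives is an assumption, and the sample configurations, host name and account names are constructed.

```python
import shlex

PRIVILEGED = {"root"}  # naming this account means no effective privilege drop

def parse_directives(text):
    """Map each directive to its arguments (simplified OpenVPN config parsing)."""
    found, inline = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if inline:                              # inside <ca>...</ca> style block
            if line == f"</{inline}>":
                inline = None
            continue
        if line.startswith("<") and line.endswith(">") and not line.startswith("</"):
            inline = line[1:-1]
            continue
        if not line or line[0] in "#;":         # comment or disabled directive
            continue
        try:
            tokens = shlex.split(line, comments=True)
        except ValueError:                      # unbalanced quotes: skip the line
            continue
        if tokens:
            found[tokens[0].lstrip("-")] = tokens[1:]   # a later line overrides
    return found

def audit_privilege_drop(text):
    """Return findings; an empty list means both directives drop privileges."""
    directives, findings = parse_directives(text), []
    for opt in ("user", "group"):
        args = directives.get(opt)
        if not args:
            findings.append(f"{opt}: missing, daemon keeps its start-up privileges")
        elif args[0] in PRIVILEGED:
            findings.append(f"{opt}: set to privileged account '{args[0]}'")
    return findings

# Constructed sample configurations (not from a real device).
BASE = """client
dev tun
remote vpn.example.invalid 1194
<ca>
(constructed placeholder, not a real certificate)
</ca>
"""
NO_DROP = BASE + ";user nobody\n# group nogroup\n"      # directives commented out
ROOT_USER = BASE + "user root\ngroup nogroup\n"
HARDENED = BASE + "user nobody\ngroup nogroup\n"

if __name__ == "__main__":
    for name, cfg in (("no-drop", NO_DROP), ("root", ROOT_USER), ("hardened", HARDENED)):
        print(name, audit_privilege_drop(cfg) or "OK")
```
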

Acknowledgments

WAGO GmbH & Co. KG thanks the following parties for their efforts:

  • CERT@VDE for coordination
  • Jeroen Wijenbergh, Floris Hendriks from Radboud University for reporting

Revision History

Version | Date             | Summary
1.0.0   | 04/08/2026 09:00 | Initial Release.