VYPR
Unrated severityNVD Advisory· Published Jan 19, 2023· Updated Apr 2, 2025

WAGO: Missing authentication for config export functionality in multiple products

CVE-2022-3738

Description

The vulnerability allows a remote unauthenticated attacker to download a backup file, if one exists. That backup file might contain sensitive information like credentials and cryptographic material. A valid user has to create a backup after the last reboot for this attack to be successfull.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

7
  • WAGO/Series WAGO PFC100v5
    Range: FW16
  • WAGO/Series WAGO PFC200v5
    Range: FW16
  • WAGO/Series WAGO Touch Panel 600 Advanced Linev5
    Range: FW16
  • Range: FW16
  • WAGO/Series WAGO Touch Panel 600 Standard Linev5
    Range: FW16
  • WAGO/WAGO Compact Controller CC100v5
    Range: FW16
  • WAGO/WAGO Edge Controllerv5
    Range: FW16

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.