Unrated severityNVD Advisory· Published Jan 19, 2023· Updated Apr 2, 2025
WAGO: Missing authentication for config export functionality in multiple products
CVE-2022-3738
Description
The vulnerability allows a remote unauthenticated attacker to download a backup file, if one exists. That backup file might contain sensitive information like credentials and cryptographic material. A valid user has to create a backup after the last reboot for this attack to be successfull.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
7- WAGO/Series WAGO PFC100v5Range: FW16
- WAGO/Series WAGO PFC200v5Range: FW16
- WAGO/Series WAGO Touch Panel 600 Advanced Linev5Range: FW16
- Range: FW16
- WAGO/Series WAGO Touch Panel 600 Standard Linev5Range: FW16
- WAGO/WAGO Compact Controller CC100v5Range: FW16
- WAGO/WAGO Edge Controllerv5Range: FW16
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.