Unrated severityNVD Advisory· Published Feb 27, 2023· Updated Mar 10, 2025
WAGO: Missing Authentication for Critical Function
CVE-2022-45138
Description
The configuration backend of the web-based management can be used by unauthenticated users, although only authenticated users should be able to use the API. The vulnerability allows an unauthenticated attacker to read and set several device parameters that can lead to full compromise of the device.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
7- WAGO/Compact Controller CC100 (751-9301)v5Range: FW16
- WAGO/Edge Controller (752-8303/8000-002)v5Range: FW18
- WAGO/PFC100 (750-81xx/xxx-xxx)v5Range: FW16
- Range: FW16
- WAGO/Touch Panel 600 Advanced Line (762-5xxx)v5Range: FW16
- WAGO/Touch Panel 600 Marine Line (762-6xxx)v5Range: FW16
- WAGO/Touch Panel 600 Standard Line (762-4xxx)v5Range: FW16
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.