VYPR

managed switches

by Wago

CVEs (5)

  • CVE-2025-41732Dec 10, 2025
    risk 0.00cvss epss 0.00

    An unauthenticated remote attacker can abuse unsafe sscanf calls within the check_cookie() function to write arbitrary data into fixed-size stack buffers which leads to full device compromise.

  • CVE-2025-41730Dec 10, 2025
    risk 0.00cvss epss 0.00

    An unauthenticated remote attacker can abuse unsafe sscanf calls within the check_account() function to write arbitrary data into fixed-size stack buffers which leads to full device compromise.

  • CVE-2021-20998May 13, 2021
    risk 0.00cvss epss 0.01

    In multiple managed switches by WAGO in different versions without authorization and with specially crafted packets it is possible to create users.

  • CVE-2021-20994May 13, 2021
    risk 0.00cvss epss 0.01

    In multiple managed switches by WAGO in different versions an attacker may trick a legitimate user to click a link to inject possible malicious code into the Web-Based Management.

  • CVE-2021-20993May 13, 2021
    risk 0.00cvss epss 0.01

    In multiple managed switches by WAGO in different versions the activated directory listing provides an attacker with the index of the resources located inside the directory.