WAGO 750-88X and WAGO 750-89X Ethernet Controller devices, versions 01.09.18(13) and before, have XSS in the SNMP configuration via the webserv/cplcfg/snmp.ssi SNMP_DESC or SNMP_LOC_SNMP_CONT field.
References
| Link | Resource |
|---|---|
| https://www.exploit-db.com/exploits/45581/ | Third Party Advisory VDB Entry |
| https://www.exploit-db.com/exploits/45581/ | Third Party Advisory VDB Entry |
Configurations
Configuration 1 (hide)
| AND |
|
Configuration 2 (hide)
| AND |
|
Configuration 3 (hide)
| AND |
|
Configuration 4 (hide)
| AND |
|
Configuration 5 (hide)
| AND |
|
Configuration 6 (hide)
| AND |
|
Configuration 7 (hide)
| AND |
|
Configuration 8 (hide)
| AND |
|
Configuration 9 (hide)
| AND |
|
Configuration 10 (hide)
| AND |
|
Configuration 11 (hide)
| AND |
|
Configuration 12 (hide)
| AND |
|
Configuration 13 (hide)
| AND |
|
Configuration 14 (hide)
| AND |
|
History
13 Jun 2025, 17:56
| Type | Values Removed | Values Added |
|---|---|---|
| First Time |
Wago 750-890
Wago 750-889 Firmware Wago 750-823 Firmware Wago 750-881 Firmware Wago 750-880 Wago 750-363 Firmware Wago 750-831 Wago 750-891 Firmware Wago 750-891 Wago 750-881 Wago 750-862 Wago 750-362 Wago 750-832 Wago 750-352 Wago 750-362 Firmware Wago 750-831 Firmware Wago 750-363 Wago 750-852 Wago 750-890 Firmware Wago 750-852 Firmware Wago 750-889 Wago 750-832 Firmware Wago 750-880 Firmware Wago 750-862 Firmware Wago 750-823 Wago 750-352 Firmware |
|
| CPE | cpe:2.3:o:wago:750-363_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:wago:750-362_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:wago:750-880_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:wago:750-862:-:*:*:*:*:*:*:* cpe:2.3:h:wago:750-891:-:*:*:*:*:*:*:* cpe:2.3:h:wago:750-832:-:*:*:*:*:*:*:* cpe:2.3:o:wago:750-832_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:wago:750-831_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:wago:750-831:-:*:*:*:*:*:*:* cpe:2.3:o:wago:750-890_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:wago:750-823:-:*:*:*:*:*:*:* cpe:2.3:h:wago:750-852:-:*:*:*:*:*:*:* cpe:2.3:o:wago:750-889_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:wago:750-881_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:wago:750-362:-:*:*:*:*:*:*:* cpe:2.3:h:wago:750-889:-:*:*:*:*:*:*:* cpe:2.3:o:wago:750-891_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:wago:750-823_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:wago:750-363:-:*:*:*:*:*:*:* cpe:2.3:h:wago:750-880:-:*:*:*:*:*:*:* cpe:2.3:o:wago:750-852_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:wago:750-881:-:*:*:*:*:*:*:* cpe:2.3:h:wago:750-890:-:*:*:*:*:*:*:* cpe:2.3:o:wago:750-352_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:wago:750-352:-:*:*:*:*:*:*:* cpe:2.3:o:wago:750-862_firmware:*:*:*:*:*:*:*:* |
21 Nov 2024, 03:52
| Type | Values Removed | Values Added |
|---|---|---|
| References | () https://www.exploit-db.com/exploits/45581/ - Third Party Advisory, VDB Entry |
Information
Published : 2018-10-12 22:15
Updated : 2025-06-13 17:56
NVD link : CVE-2018-16210
Mitre link : CVE-2018-16210
CVE.ORG link : CVE-2018-16210
JSON object : View
Products Affected
wago
- 750-852
- wago_750-881_ethernet_controller_devices_firmware
- 750-823
- 750-362_firmware
- 750-862
- 750-889_firmware
- 750-362
- 750-852_firmware
- 750-880_firmware
- 750-891_firmware
- 750-832
- 750-831
- 750-890
- 750-363_firmware
- 750-889
- 750-832_firmware
- 750-862_firmware
- 750-881
- 750-891
- 750-352_firmware
- 750-880
- 750-823_firmware
- 750-881_firmware
- wago_750-881_ethernet_controller_devices
- 750-363
- 750-831_firmware
- 750-890_firmware
- 750-352
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')