CVE-2022-50926

WAGO 750-8212 PFC200 G2 2ETH RS Privilege Escalation

CVSS 8.7 HIGHEPSS 0.5%CWE-565

WAGO 750-8212 PFC200 G2 2ETH RS firmware contains a privilege escalation vulnerability that allows attackers to manipulate user session cookies. Attackers can modify the cookie's 'name' and 'roles' parameters to elevate from ordinary user to administrative privileges without authentication.

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Productos afectados

Wago · WAGO 750-8212 PFC200

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://www.exploit-db.com/exploits/50793 https://www.vulncheck.com/advisories/wago-pfc-g-eth-rs-privilege-escalation https://www.wago.com