CVE-2019-10712

CRITICAL

WAGO Series 750-88x and 750-87x Firmware - Use of Hard-coded Credentials

Title source: llm
STIX 2.1

Description

The Web-GUI on WAGO Series 750-88x (750-330, 750-352, 750-829, 750-831, 750-852, 750-880, 750-881, 750-882, 750-884, 750-885, 750-889) and Series 750-87x (750-830, 750-849, 750-871, 750-872, 750-873) devices has undocumented service access.

References (9)

Core 9
Core References
Third Party Advisory x_refsource_misc
https://cert.vde.com/de-de/advisories/vde-2019-008
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/108482

Scores

CVSS v3 9.8
EPSS 0.0276
EPSS Percentile 84.4%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-798
Status published
Products (16)
wago/750-330_firmware < 14
wago/750-352_firmware < 14
wago/750-829_firmware < 14
wago/750-830_firmware < 06
wago/750-831_firmware < 14
wago/750-849_firmware < 08
wago/750-852_firmware < 14
wago/750-871_firmware < 11
wago/750-872_firmware < 07
wago/750-873_firmware < 07
... and 6 more
Published May 07, 2019
Tracked Since Feb 18, 2026