Exploitation Summary
EIP tracks 1 public exploit for CVE-2026-3587. PoCs published by z3r0h3ro.
AI-analyzed exploit summary The repository claims to provide a PoC for CVE-2026-3587 but only contains a README with vague details and a link to an external download (tinyurl.com). No actual exploit code is included.
Description
An unauthenticated remote attacker can exploit a hidden function in the CLI prompt to escape the restricted interface, leading to full compromise of the device.
Exploits (1)
nomisec
SUSPICIOUS
by z3r0h3ro · poc
https://github.com/z3r0h3ro/cve-2026-3587-poc
The repository claims to provide a PoC for CVE-2026-3587 but only contains a README with vague details and a link to an external download (tinyurl.com). No actual exploit code is included.
Classification
Suspicious 90%
Attack Type
Other
Complexity
Trivial
Reliability
Theoretical
Target:
WAGO Managed Switch CLI
No auth needed
Prerequisites:
network access to port 23/22
MITRE ATT&CK
devstral-2 · analyzed Mar 24, 2026
Full analysis →
References (1)
Core 1
Core References
Scores
CVSS v3
10.0
EPSS
0.0014
EPSS Percentile
33.4%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
yes
Technical Impact
total
Details
CWE
CWE-912
Status
published
Products (16)
WAGO/Industrial Managed Switch 852-1305
0.0.0 - V1.2.0.S0
WAGO/Industrial Managed Switch 852-1305-000-001
0.0.0 - V1.2.0.S0
WAGO/Industrial Managed Switch 852-1505
0.0.0 - V1.1.9.S0
WAGO/Industrial Managed Switch 852-1505-000-001
0.0.0 - V1.2.0.S0
WAGO/Industrial Managed Switch 852-1605
0.0.0 - V1.2.5.S0
WAGO/Industrial Managed Switch 852-303
0.0.0 - V1.2.8.S0
WAGO/Industrial Managed Switch 852-602
0.0.0 - V1.0.6.S0
WAGO/Industrial Managed Switch 852-603
0.0.0 - V1.0.6.S0
WAGO/Lean Managed Switch 852-1812
0.0.0 - V1.2.1.S0
WAGO/Lean Managed Switch 852-1812-010-000
0.0.0 - V1.2.1.S0
... and 6 more
Published
Mar 23, 2026
Tracked Since
Mar 23, 2026