What is the severity of CVE-2016-9362?

CVE-2016-9362 has been rated as high severity due to the potential for unauthorized access to sensitive configurations.

How do I fix CVE-2016-9362?

To mitigate CVE-2016-9362, update the firmware of affected WAGO devices to the latest version, specifically FW04 for the PFC200 and FW09 for the 750-881.

Which WAGO devices are affected by CVE-2016-9362?

CVE-2016-9362 affects the WAGO 750-8202/PFC200 prior to FW04, the WAGO 750-881 prior to FW09, and WAGO firmware for the 0758-0874-0000-0111.

What kind of attack is possible with CVE-2016-9362?

An attacker can exploit CVE-2016-9362 to access and modify the device settings via a specific URL on the web server.

Is CVE-2016-9362 being actively exploited in the wild?

There is currently no confirmed evidence that CVE-2016-9362 is being actively exploited in the wild, but the vulnerability should be addressed promptly.

Vulnerability/
CVE-2016-9362

critical

9.1

CWE

287

13/2/2017

6/8/2024

CVE-2016-9362

First published: Mon Feb 13 2017(Updated: )

An issue was discovered in WAGO 750-8202/PFC200 prior to FW04 (released August 2015), WAGO 750-881 prior to FW09 (released August 2016), and WAGO 0758-0874-0000-0111. By accessing a specific uniform resource locator (URL) on the web server, a malicious user is able to edit and to view settings without authenticating.

Credit: ics-cert@hq.dhs.gov

Affected Software	Affected Version	How to fix
WAGO PFC200
WAGO PFC 200
WAGO 750-xxx series firmware
WAGO 750-8202 Firmware
WAGO 750-881 firmware
WAGO 758-xxxx series firmware
WAGO 758-874-0000-0111

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2016-9362?
CVE-2016-9362 has been rated as high severity due to the potential for unauthorized access to sensitive configurations.
How do I fix CVE-2016-9362?
To mitigate CVE-2016-9362, update the firmware of affected WAGO devices to the latest version, specifically FW04 for the PFC200 and FW09 for the 750-881.
Which WAGO devices are affected by CVE-2016-9362?
CVE-2016-9362 affects the WAGO 750-8202/PFC200 prior to FW04, the WAGO 750-881 prior to FW09, and WAGO firmware for the 0758-0874-0000-0111.
What kind of attack is possible with CVE-2016-9362?
An attacker can exploit CVE-2016-9362 to access and modify the device settings via a specific URL on the web server.
Is CVE-2016-9362 being actively exploited in the wild?
There is currently no confirmed evidence that CVE-2016-9362 is being actively exploited in the wild, but the vulnerability should be addressed promptly.

agent/references
agent/type
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/author
agent/severity
agent/weakness
agent/first-publish-date
agent/event
agent/description
agent/source
agent/tags
agent/softwarecombine
collector/nvd-index
agent/software-canonical-lookup-request
vendor/wago
canonical/wago pfc200
canonical/wago pfc 200
canonical/wago 750-xxx series firmware
canonical/wago 750-8202 firmware
canonical/wago 750-881 firmware
canonical/wago 758-xxxx series firmware
canonical/wago 758-874-0000-0111

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.