Severity

9.8

Vulnerability Type

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') (CWE-78) external link

Summary

In multiple products of WAGO a vulnerability allows an unauthenticated, remote attacker to create new users and change the device configuration which can result in unintended behaviour, Denial of Service and full system compromise.