Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
(CWE-78)
Summary
In multiple products of WAGO a vulnerability allows an unauthenticated, remote attacker to create new users and change the device configuration which can result in unintended behaviour, Denial of Service and full system compromise.