← back
CVE-2022-50926

WAGO 750-8212 PFC200 G2 2ETH RS Privilege Escalation

CVSS 8.7 HIGHEPSS 0.5%CWE-565
WAGO 750-8212 PFC200 G2 2ETH RS firmware contains a privilege escalation vulnerability that allows attackers to manipulate user session cookies. Attackers can modify the cookie's 'name' and 'roles' parameters to elevate from ordinary user to administrative privileges without authentication.
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Affected products
Wago · WAGO 750-8212 PFC200

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://www.exploit-db.com/exploits/50793https://www.vulncheck.com/advisories/wago-pfc-g-eth-rs-privilege-escalationhttps://www.wago.com