VDE-2025-040
Vulnerability from csaf_wagogmbhcokg - Published: 2025-06-16 10:00 - Updated: 2025-06-16 10:00Summary
WAGO: Vulnerabilities in ctrlX OS app
Severity
High
Notes
Summary: The base ctrlX OS apps Device Admin and Solutions contain multiple vulnerabilities. In a worst case scenario, a remote authenticated (low-privileged) attacker might be able to execute arbitrary OS commands running with higher privileges.
Impact: This could lead to an escalation of privileges and give an attacker full access to the device.
Remediation: Update the following components:
* Update Device Admin to version 2.6.9
* Update Solutions to version 2.6.1
A vulnerability in the “Manages app data” functionality of the web application of ctrlX OS allows a remote authenticated (lowprivileged) attacker to execute arbitrary client-side code in the context of another user’s browser via multiple crafted HTTP requests.
7.1 (High)
Vendor Fix
Update to Solutions 2.6.1 which is available in the WAGO Download center.
https://downloadcenter.wago.com/software/latest/c…
A vulnerability in the web application of ctrlX OS allows a remote unauthenticated attacker to conduct various attacks against users of the vulnerable system, including web cache poisoning or Man-in-the-Middle (MitM), via a crafted HTTP request.
5 (Medium)
Vendor Fix
Update to Device Admin 2.6.9 which is available in the WAGO Download center.
https://downloadcenter.wago.com/software/latest/c…
A vulnerability in the users configuration file of ctrlX OS may allow a remote authenticated (low-privileged) attacker to recover the plaintext passwords of other users.
6.5 (Medium)
Vendor Fix
Update to Device Admin 2.6.9 which is available in the WAGO Download center.
https://downloadcenter.wago.com/software/latest/c…
A vulnerability in the web application of ctrlX OS allows a remote authenticated (low-privileged) attacker to induce a Denial-of-Service (DoS) condition on the device via multiple crafted HTTP requests. In the worst case, a full power cycle is needed to regain control of the device.
6.5 (Medium)
Vendor Fix
Update to Device Admin 2.6.9 which is available in the WAGO Download center.
https://downloadcenter.wago.com/software/latest/c…
A vulnerability in the login functionality of the web application of ctrlX OS allows a remote unauthenticated attacker to guess valid usernames via multiple crafted HTTP requests.
6.5 (Medium)
Vendor Fix
Update to Device Admin 2.6.9 which is available in the WAGO Download center.
https://downloadcenter.wago.com/software/latest/c…
A vulnerability in the “Manages app data” functionality of the web application of ctrlX OS allows a remote authenticated (low-privileged) attacker to write arbitrary files in arbitrary file system paths via a crafted HTTP request.
7.1 (High)
Vendor Fix
Update to Solutions 2.6.1 which is available in the WAGO Download center.
https://downloadcenter.wago.com/software/latest/c…
A vulnerability in the error notification messages of the web application of ctrlX OS allows a remote unauthenticated attacker to inject arbitrary HTML tags and, possibly, execute arbitrary client-side code in the context of another user’s browser via a crafted HTTP request.
7.1 (High)
Vendor Fix
Update to Solutions 2.6.1 which is available in the WAGO Download center.
https://downloadcenter.wago.com/software/latest/c…
A vulnerability in the “Hosts” functionality of the web application of ctrlX OS allows a remote authenticated (low-privileged) attacker to manipulate the “hosts” file in an unintended manner via a crafted HTTP request.
6.5 (Medium)
Vendor Fix
Update to Device Admin 2.6.9 which is available in the WAGO Download center.
https://downloadcenter.wago.com/software/latest/c…
A vulnerability in the “Proxy” functionality of the web application of ctrlX OS allows a remote authenticated (lowprivileged) attacker to manipulate the “/etc/environment” file via a crafted HTTP request.
6.5 (Medium)
Vendor Fix
Update to Device Admin 2.6.9 which is available in the WAGO Download center.
https://downloadcenter.wago.com/software/latest/c…
A vulnerability in the “Network Interfaces” functionality of the web application of ctrlX OS allows a remote authenticated (low-privileged) attacker to manipulate the network configuration file via a crafted HTTP request.
6.5 (Medium)
Vendor Fix
Update to Device Admin 2.6.9 which is available in the WAGO Download center.
https://downloadcenter.wago.com/software/latest/c…
A vulnerability in the “Network Interfaces” functionality of the web application of ctrlX OS allows a remote authenticated (low-privileged) attacker to manipulate the wireless network configuration file via a crafted HTTP request.
6.5 (Medium)
Vendor Fix
Update to Device Admin 2.6.9 which is available in the WAGO Download center.
https://downloadcenter.wago.com/software/latest/c…
A vulnerability in the “Network Interfaces” functionality of the web application of ctrlX OS allows a remote authenticated (lowprivileged) attacker to delete the configuration of physical network interfaces via a crafted HTTP request.
6.5 (Medium)
Vendor Fix
Update to Device Admin 2.6.9 which is available in the WAGO Download center.
https://downloadcenter.wago.com/software/latest/c…
A vulnerability in the “Certificates and Keys” functionality of the web application of ctrlX OS allows a remote authenticated (low-privileged) attacker to write arbitrary certificates in arbitrary file system paths via a crafted HTTP request.
7.1 (High)
Vendor Fix
Update to Device Admin 2.6.9 which is available in the WAGO Download center.
https://downloadcenter.wago.com/software/latest/c…
A vulnerability in the “Remote Logging” functionality of the web application of ctrlX OS allows a remote authenticated (low-privileged) attacker to execute arbitrary OS commands in the context of user “root” via a crafted HTTP request.
8.8 (High)
Vendor Fix
Update to Device Admin 2.6.9 which is available in the WAGO Download center.
https://downloadcenter.wago.com/software/latest/c…
A vulnerability in the “Backup & Restore” functionality of the web application of ctrlX OS allows a remote authenticated (lowprivileged) attacker to access secret information via multiple crafted HTTP requests.
6.5 (Medium)
Vendor Fix
Update to Device Admin 2.6.9 which is available in the WAGO Download center.
https://downloadcenter.wago.com/software/latest/c…
References
| URL | Category | |
|---|---|---|
Acknowledgments
CERTVDE
certvde.com
{
"document": {
"acknowledgments": [
{
"organization": "CERTVDE",
"summary": "coordination",
"urls": [
"https://certvde.com"
]
}
],
"aggregate_severity": {
"namespace": "https://www.first.org/cvss/v3.1/specification-document#Qualitative-Severity-Rating-Scale",
"text": "High"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-GB",
"notes": [
{
"category": "summary",
"text": "The base ctrlX OS apps Device Admin and Solutions contain multiple vulnerabilities. In a worst case scenario, a remote authenticated (low-privileged) attacker might be able to execute arbitrary OS commands running with higher privileges.",
"title": "Summary"
},
{
"category": "description",
"text": "This could lead to an escalation of privileges and give an attacker full access to the device.",
"title": "Impact"
},
{
"category": "description",
"text": "Update the following components:\n* Update Device Admin to version 2.6.9\n* Update Solutions to version 2.6.1",
"title": "Remediation"
}
],
"publisher": {
"category": "vendor",
"contact_details": "psirt@wago.com",
"name": "WAGO GmbH \u0026 Co. KG",
"namespace": "https://www.wago.com/psirt"
},
"references": [
{
"category": "external",
"summary": "WAGO PSIRT",
"url": "https://www.wago.com/de-en/automation-technology/psirt"
},
{
"category": "external",
"summary": "CERT@VDE Security Advisories for WAGO",
"url": "https://certvde.com/de/advisories/vendor/wago/"
},
{
"category": "self",
"summary": "VDE-2025-040: WAGO: Vulnerabilities in ctrlX OS app - HTML",
"url": "https://certvde.com/en/advisories/VDE-2025-040"
},
{
"category": "self",
"summary": "VDE-2025-040: WAGO: Vulnerabilities in ctrlX OS app - CSAF",
"url": "https://wago.csaf-tp.certvde.com/.well-known/csaf/white/2025/vde-2025-040.json"
},
{
"category": "external",
"summary": "BOSCH-SA-640452: Multiple ctrlX OS vulnerabilities",
"url": "https://psirt.bosch.com/security-advisories/bosch-sa-640452.html"
}
],
"title": "WAGO: Vulnerabilities in ctrlX OS app",
"tracking": {
"aliases": [
"VDE-2025-040"
],
"current_release_date": "2025-06-16T10:00:00.000Z",
"generator": {
"date": "2025-06-13T11:01:48.819Z",
"engine": {
"name": "Secvisogram",
"version": "2.5.26"
}
},
"id": "VDE-2025-040",
"initial_release_date": "2025-06-16T10:00:00.000Z",
"revision_history": [
{
"date": "2025-06-16T10:00:00.000Z",
"number": "1",
"summary": "Initial release."
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "0752-8303_8000-0002",
"product": {
"name": "WAGO Hardware Edge Controller 0752-8303_8000-0002",
"product_id": "CSAFPID-11001"
}
}
],
"category": "product_family",
"name": "Edge Controller"
}
],
"category": "product_family",
"name": "Hardware"
}
],
"category": "vendor",
"name": "WAGO"
},
{
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c2.6.1",
"product": {
"name": "Bosch Rexroth Software Solutions \u003c2.6.1",
"product_id": "CSAFPID-21002"
}
},
{
"category": "product_version",
"name": "2.6.1",
"product": {
"name": "Bosch Rexroth Software Solutions 2.6.1",
"product_id": "CSAFPID-22002"
}
}
],
"category": "product_name",
"name": "Solutions"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c2.6.9",
"product": {
"name": "Bosch Rexroth Software Device Admin \u003c2.6.9",
"product_id": "CSAFPID-21001"
}
},
{
"category": "product_version",
"name": "2.6.9",
"product": {
"name": "Bosch Rexroth Software Device Admin 2.6.9",
"product_id": "CSAFPID-22001"
}
}
],
"category": "product_name",
"name": "Device Admin"
}
],
"category": "product_family",
"name": "Software"
}
],
"category": "vendor",
"name": "Bosch Rexroth"
}
],
"product_groups": [
{
"group_id": "CSAFGID-0001",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002"
],
"summary": "Affected products."
},
{
"group_id": "CSAFGID-0002",
"product_ids": [
"CSAFPID-32001",
"CSAFPID-32002"
],
"summary": "Fixed products."
}
],
"relationships": [
{
"category": "installed_on",
"full_product_name": {
"name": "Bosch Rexroth Software Device Admin \u003c2.6.9 installed on WAGO Hardware Edge Controller 0752-8303_8000-0002",
"product_id": "CSAFPID-31001"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11001"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Bosch Rexroth Software Solutions \u003c2.6.1 installed on WAGO Hardware Edge Controller 0752-8303_8000-0002",
"product_id": "CSAFPID-31002"
},
"product_reference": "CSAFPID-21002",
"relates_to_product_reference": "CSAFPID-11001"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Bosch Rexroth Software Device Admin 2.6.9 installed on WAGO Hardware Edge Controller 0752-8303_8000-0002",
"product_id": "CSAFPID-32001"
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11001"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Bosch Rexroth Software Solutions 2.6.1 installed on WAGO Hardware Edge Controller 0752-8303_8000-0002",
"product_id": "CSAFPID-32002"
},
"product_reference": "CSAFPID-22002",
"relates_to_product_reference": "CSAFPID-11001"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-24338",
"cwe": {
"id": "CWE-116",
"name": "Improper Encoding or Escaping of Output"
},
"notes": [
{
"audience": "all",
"category": "description",
"text": "A vulnerability in the \u201cManages app data\u201d functionality of the web application of ctrlX OS allows a remote authenticated (lowprivileged) attacker to execute arbitrary client-side code in the context of another user\u2019s browser via multiple crafted HTTP requests.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32002"
],
"known_affected": [
"CSAFPID-31002"
]
},
"remediations": [
{
"category": "vendor_fix",
"date": "2025-06-04T08:00:00.000Z",
"details": "Update to Solutions 2.6.1 which is available in the WAGO Download center.",
"product_ids": [
"CSAFPID-31002"
],
"url": "https://downloadcenter.wago.com/software/latest/ctrlx-os-image-ec400"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.1,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"temporalScore": 7.1,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31002"
]
}
],
"title": "CVE-2025-24338"
},
{
"cve": "CVE-2025-24339",
"cwe": {
"id": "CWE-644",
"name": "Improper Neutralization of HTTP Headers for Scripting Syntax"
},
"notes": [
{
"audience": "all",
"category": "description",
"text": "A vulnerability in the web application of ctrlX OS allows a remote unauthenticated attacker to conduct various attacks against users of the vulnerable system, including web cache poisoning or Man-in-the-Middle (MitM), via a crafted HTTP request.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001"
],
"known_affected": [
"CSAFPID-31001"
]
},
"remediations": [
{
"category": "vendor_fix",
"date": "2025-06-04T08:00:00.000Z",
"details": "Update to Device Admin 2.6.9 which is available in the WAGO Download center.",
"product_ids": [
"CSAFPID-31001"
],
"url": "https://downloadcenter.wago.com/software/latest/ctrlx-os-image-ec400"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"environmentalScore": 5,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 5,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-31001"
]
}
],
"title": "CVE-2025-24339"
},
{
"cve": "CVE-2025-24340",
"cwe": {
"id": "CWE-916",
"name": "Use of Password Hash With Insufficient Computational Effort"
},
"notes": [
{
"audience": "all",
"category": "description",
"text": "A vulnerability in the users configuration file of ctrlX OS may allow a remote authenticated (low-privileged) attacker to recover the plaintext passwords of other users.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001"
],
"known_affected": [
"CSAFPID-31001"
]
},
"remediations": [
{
"category": "vendor_fix",
"date": "2025-06-04T08:00:00.000Z",
"details": "Update to Device Admin 2.6.9 which is available in the WAGO Download center.",
"product_ids": [
"CSAFPID-31001"
],
"url": "https://downloadcenter.wago.com/software/latest/ctrlx-os-image-ec400"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"environmentalScore": 6.5,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"temporalScore": 6.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-31001"
]
}
],
"title": "CVE-2025-24340"
},
{
"cve": "CVE-2025-24341",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"notes": [
{
"audience": "all",
"category": "description",
"text": "A vulnerability in the web application of ctrlX OS allows a remote authenticated (low-privileged) attacker to induce a Denial-of-Service (DoS) condition on the device via multiple crafted HTTP requests. In the worst case, a full power cycle is needed to regain control of the device.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001"
],
"known_affected": [
"CSAFPID-31001"
]
},
"remediations": [
{
"category": "vendor_fix",
"date": "2025-06-04T08:00:00.000Z",
"details": "Update to Device Admin 2.6.9 which is available in the WAGO Download center.",
"product_ids": [
"CSAFPID-31001"
],
"url": "https://downloadcenter.wago.com/software/latest/ctrlx-os-image-ec400"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"environmentalScore": 6.5,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"temporalScore": 6.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-31001"
]
}
],
"title": "CVE-2025-24341"
},
{
"cve": "CVE-2025-24342",
"cwe": {
"id": "CWE-204",
"name": "Observable Response Discrepancy"
},
"notes": [
{
"audience": "all",
"category": "description",
"text": "A vulnerability in the login functionality of the web application of ctrlX OS allows a remote unauthenticated attacker to guess valid usernames via multiple crafted HTTP requests.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001"
],
"known_affected": [
"CSAFPID-31001"
]
},
"remediations": [
{
"category": "vendor_fix",
"date": "2025-06-04T08:00:00.000Z",
"details": "Update to Device Admin 2.6.9 which is available in the WAGO Download center.",
"product_ids": [
"CSAFPID-31001"
],
"url": "https://downloadcenter.wago.com/software/latest/ctrlx-os-image-ec400"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"environmentalScore": 6.5,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"temporalScore": 6.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-31001"
]
}
],
"title": "CVE-2025-24342"
},
{
"cve": "CVE-2025-24343",
"cwe": {
"id": "CWE-23",
"name": "Relative Path Traversal"
},
"notes": [
{
"audience": "all",
"category": "description",
"text": "A vulnerability in the \u201cManages app data\u201d functionality of the web application of ctrlX OS allows a remote authenticated (low-privileged) attacker to write arbitrary files in arbitrary file system paths via a crafted HTTP request.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32002"
],
"known_affected": [
"CSAFPID-31002"
]
},
"remediations": [
{
"category": "vendor_fix",
"date": "2025-06-04T08:00:00.000Z",
"details": "Update to Solutions 2.6.1 which is available in the WAGO Download center.",
"product_ids": [
"CSAFPID-31002"
],
"url": "https://downloadcenter.wago.com/software/latest/ctrlx-os-image-ec400"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.1,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"temporalScore": 7.1,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31002"
]
}
],
"title": "CVE-2025-24343"
},
{
"cve": "CVE-2025-24344",
"cwe": {
"id": "CWE-81",
"name": "Improper Neutralization of Script in an Error Message Web Page"
},
"notes": [
{
"audience": "all",
"category": "description",
"text": "A vulnerability in the error notification messages of the web application of ctrlX OS allows a remote unauthenticated attacker to inject arbitrary HTML tags and, possibly, execute arbitrary client-side code in the context of another user\u2019s browser via a crafted HTTP request.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32002"
],
"known_affected": [
"CSAFPID-31002"
]
},
"remediations": [
{
"category": "vendor_fix",
"date": "2025-06-04T08:00:00.000Z",
"details": "Update to Solutions 2.6.1 which is available in the WAGO Download center.",
"product_ids": [
"CSAFPID-31002"
],
"url": "https://downloadcenter.wago.com/software/latest/ctrlx-os-image-ec400"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.1,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"temporalScore": 7.1,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31002"
]
}
],
"title": "CVE-2025-24344"
},
{
"cve": "CVE-2025-24345",
"cwe": {
"id": "CWE-1286",
"name": "Improper Validation of Syntactic Correctness of Input"
},
"notes": [
{
"audience": "all",
"category": "description",
"text": "A vulnerability in the \u201cHosts\u201d functionality of the web application of ctrlX OS allows a remote authenticated (low-privileged) attacker to manipulate the \u201chosts\u201d file in an unintended manner via a crafted HTTP request.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001"
],
"known_affected": [
"CSAFPID-31001"
]
},
"remediations": [
{
"category": "vendor_fix",
"date": "2025-06-04T08:00:00.000Z",
"details": "Update to Device Admin 2.6.9 which is available in the WAGO Download center.",
"product_ids": [
"CSAFPID-31001"
],
"url": "https://downloadcenter.wago.com/software/latest/ctrlx-os-image-ec400"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"environmentalScore": 6.5,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"temporalScore": 6.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-31001"
]
}
],
"title": "CVE-2025-24345"
},
{
"cve": "CVE-2025-24346",
"cwe": {
"id": "CWE-1286",
"name": "Improper Validation of Syntactic Correctness of Input"
},
"notes": [
{
"audience": "all",
"category": "description",
"text": "A vulnerability in the \u201cProxy\u201d functionality of the web application of ctrlX OS allows a remote authenticated (lowprivileged) attacker to manipulate the \u201c/etc/environment\u201d file via a crafted HTTP request.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001"
],
"known_affected": [
"CSAFPID-31001"
]
},
"remediations": [
{
"category": "vendor_fix",
"date": "2025-06-04T08:00:00.000Z",
"details": "Update to Device Admin 2.6.9 which is available in the WAGO Download center.",
"product_ids": [
"CSAFPID-31001"
],
"url": "https://downloadcenter.wago.com/software/latest/ctrlx-os-image-ec400"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"environmentalScore": 6.5,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"temporalScore": 6.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-31001"
]
}
],
"title": "CVE-2025-24346"
},
{
"cve": "CVE-2025-24347",
"cwe": {
"id": "CWE-1286",
"name": "Improper Validation of Syntactic Correctness of Input"
},
"notes": [
{
"audience": "all",
"category": "description",
"text": "A vulnerability in the \u201cNetwork Interfaces\u201d functionality of the web application of ctrlX OS allows a remote authenticated (low-privileged) attacker to manipulate the network configuration file via a crafted HTTP request.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001"
],
"known_affected": [
"CSAFPID-31001"
]
},
"remediations": [
{
"category": "vendor_fix",
"date": "2025-06-04T08:00:00.000Z",
"details": "Update to Device Admin 2.6.9 which is available in the WAGO Download center.",
"product_ids": [
"CSAFPID-31001"
],
"url": "https://downloadcenter.wago.com/software/latest/ctrlx-os-image-ec400"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"environmentalScore": 6.5,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"temporalScore": 6.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-31001"
]
}
],
"title": "CVE-2025-24347"
},
{
"cve": "CVE-2025-24348",
"cwe": {
"id": "CWE-1286",
"name": "Improper Validation of Syntactic Correctness of Input"
},
"notes": [
{
"audience": "all",
"category": "description",
"text": "A vulnerability in the \u201cNetwork Interfaces\u201d functionality of the web application of ctrlX OS allows a remote authenticated (low-privileged) attacker to manipulate the wireless network configuration file via a crafted HTTP request.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001"
],
"known_affected": [
"CSAFPID-31001"
]
},
"remediations": [
{
"category": "vendor_fix",
"date": "2025-06-04T08:00:00.000Z",
"details": "Update to Device Admin 2.6.9 which is available in the WAGO Download center.",
"product_ids": [
"CSAFPID-31001"
],
"url": "https://downloadcenter.wago.com/software/latest/ctrlx-os-image-ec400"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"environmentalScore": 6.5,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"temporalScore": 6.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-31001"
]
}
],
"title": "CVE-2025-24348"
},
{
"cve": "CVE-2025-24349",
"cwe": {
"id": "CWE-1286",
"name": "Improper Validation of Syntactic Correctness of Input"
},
"notes": [
{
"audience": "all",
"category": "description",
"text": "A vulnerability in the \u201cNetwork Interfaces\u201d functionality of the web application of ctrlX OS allows a remote authenticated (lowprivileged) attacker to delete the configuration of physical network interfaces via a crafted HTTP request.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001"
],
"known_affected": [
"CSAFPID-31001"
]
},
"remediations": [
{
"category": "vendor_fix",
"date": "2025-06-04T08:00:00.000Z",
"details": "Update to Device Admin 2.6.9 which is available in the WAGO Download center.",
"product_ids": [
"CSAFPID-31001"
],
"url": "https://downloadcenter.wago.com/software/latest/ctrlx-os-image-ec400"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"environmentalScore": 6.5,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"temporalScore": 6.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-31001"
]
}
],
"title": "CVE-2025-24349"
},
{
"cve": "CVE-2025-24350",
"cwe": {
"id": "CWE-23",
"name": "Relative Path Traversal"
},
"notes": [
{
"audience": "all",
"category": "description",
"text": "A vulnerability in the \u201cCertificates and Keys\u201d functionality of the web application of ctrlX OS allows a remote authenticated (low-privileged) attacker to write arbitrary certificates in arbitrary file system paths via a crafted HTTP request. ",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001"
],
"known_affected": [
"CSAFPID-31001"
]
},
"remediations": [
{
"category": "vendor_fix",
"date": "2025-06-04T08:00:00.000Z",
"details": "Update to Device Admin 2.6.9 which is available in the WAGO Download center.",
"product_ids": [
"CSAFPID-31001"
],
"url": "https://downloadcenter.wago.com/software/latest/ctrlx-os-image-ec400"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"environmentalScore": 7.1,
"environmentalSeverity": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"temporalScore": 7.1,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001"
]
}
],
"title": "CVE-2025-24350"
},
{
"cve": "CVE-2025-24351",
"cwe": {
"id": "CWE-78",
"name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
},
"notes": [
{
"audience": "all",
"category": "description",
"text": "A vulnerability in the \u201cRemote Logging\u201d functionality of the web application of ctrlX OS allows a remote authenticated (low-privileged) attacker to execute arbitrary OS commands in the context of user \u201croot\u201d via a crafted HTTP request.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001"
],
"known_affected": [
"CSAFPID-31001"
]
},
"remediations": [
{
"category": "vendor_fix",
"date": "2025-06-04T08:00:00.000Z",
"details": "Update to Device Admin 2.6.9 which is available in the WAGO Download center.",
"product_ids": [
"CSAFPID-31001"
],
"url": "https://downloadcenter.wago.com/software/latest/ctrlx-os-image-ec400"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 8.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"temporalScore": 8.8,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001"
]
}
],
"title": "CVE-2025-24351"
},
{
"cve": "CVE-2025-27532",
"cwe": {
"id": "CWE-312",
"name": "Cleartext Storage of Sensitive Information"
},
"notes": [
{
"audience": "all",
"category": "description",
"text": "A vulnerability in the \u201cBackup \u0026 Restore\u201d functionality of the web application of ctrlX OS allows a remote authenticated (lowprivileged) attacker to access secret information via multiple crafted HTTP requests.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001"
],
"known_affected": [
"CSAFPID-31001"
]
},
"remediations": [
{
"category": "vendor_fix",
"date": "2025-06-04T08:00:00.000Z",
"details": "Update to Device Admin 2.6.9 which is available in the WAGO Download center.",
"product_ids": [
"CSAFPID-31001"
],
"url": "https://downloadcenter.wago.com/software/latest/ctrlx-os-image-ec400"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"environmentalScore": 6.5,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"temporalScore": 6.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-31001"
]
}
],
"title": "CVE-2025-27532"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…