In multiple managed switches by WAGO in different versions an attacker may trick a legitimate user to click a link to inject possible malicious code into the Web-Based Management.

In multiple managed switches by WAGO in different versions special crafted requests can lead to cookies being transferred to third parties.

In multiple managed switches by WAGO in different versions the webserver cookies of the web based UI contain user credentials.

In multiple managed switches by WAGO in different versions it is possible to read out the password hashes of all Web-based Management users.

In multiple managed switches by WAGO in different versions the activated directory listing provides an attacker with the index of the resources located inside the directory.

In multiple managed switches by WAGO in different versions without authorization and with specially crafted packets it is possible to create users.

WAGO 852-303 before FW06, 852-1305 before FW06, and 852-1505 before FW03 devices contain hardcoded users and passwords that can be used to login via SSH and TELNET.

WAGO 852-303 before FW06, 852-1305 before FW06, and 852-1505 before FW03 devices contain hardcoded private keys for the SSH daemon. The fingerprint of the SSH host key from the corresponding SSH daemon matches the embedded private key.