Close Menu
    Subscribe
    Alerts

    CVE-2023-5872 | THREATINT

    adminBy No Comments1 Min Read


    Home

    Description

    In Wago Smart Designer in versions up to 2.33.1 a low privileged remote attacker may enumerate projects and usernames through iterative requests to an specific endpoint.

    PUBLISHED Reserved 2023-10-31 | Published 2026-04-16 | Updated 2026-04-16 | Assigner CERTVDE

    MEDIUM: 4.3CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

    Problem types

    CWE-203 Observable Discrepancy

    Product status

    Default status
    unaffected

    0.0.0 (semver)
    affected

    Credits

    Brett Dewall from White Oak Security reporter

    References

    certvde.com/de/advisories/VDE-2023-045

    wago.csaf-tp.certvde.com/…saf/white/2023/vde-2023-045.json vendor-advisory

    cve.org (CVE-2023-5872)

    nvd.nist.gov (CVE-2023-5872)

    Download JSON



    Source link

    Share.

    Related Posts

    Add A Comment

    Comments are closed.