CNNVD-202509-3887 Information
CNNVD ID
CNNVD-202509-3887
Related CVE
- CNNVD Published: 2025-09-24
Description (Chinese)
WAGO Device Sphere和WAGO Solution Builder都是德国万可(WAGO)公司的产品。WAGO Device Sphere是一个设备管理系统。WAGO Solution Builder是一款项目配置与工程设计平台。 WAGO Device Sphere和WAGO Solution Builder存在访问控制错误漏洞,该漏洞源于Web应用程序数据库未经验证即可访问,可能导致未经验证的远程攻击者获得未经授权的访问权限。
Description (English)
WAGO Device Sphere and WAGO Solutions Builder are products of the German company WAGO. WAGO Device Sphere is an equipment management system. WAGO Solutions Builder is a project configuration and engineering design platform. There is an error access control loophole between WAGO Device Sphere and WAGO Solutions Builder, which stems from the unverified access to the Web application database, which may result in unauthorized access to uncertified remote assailants.
Hazard Level
Low
Vulnerability Type
访问控制错误
Affected Vendor
万可
Published
2025-09-24
Last Modified
2026-02-24
References
https://certvde.com/de/advisories/VDE-2025-087 https://access.redhat.com/security/cve/cve-2025-41715
Patch
https://downloadcenter.wago.com/wago/software
Share on: