CNNVD-202602-1360 Information

Feb 09, 2026 cve

CNNVD ID

CNNVD-202602-1360

CVE-2026-22906

CNNVD Published: 2026-02-09

Description (Chinese)

WAGO Industrial-Managed-Switch 0852-1322和WAGO Industrial-Managed-Switch 0852-1328都是德国万可（WAGO）公司的一个工业级管理型以太网交换机。 WAGO Industrial-Managed-Switch 0852-1322和WAGO Industrial-Managed-Switch 0852-1328存在安全漏洞，该漏洞源于使用硬编码密钥的AES-ECB加密存储用户凭据，可能导致未经验证的远程攻击者解密并恢复明文用户名和密码。

Description (English)

WAGO Industrial-Managed-Switch 0852-1322 and WAGO Industrial-Managed-Switch 0852-1328 are both industrial-scale management-based Ethernet switches of WAGO, Germany. WAGO Industrial-Managed-Switch 0852-1322 and WAGO Industrial-Managed-Switch 0852-1328 have a security loophole, which stems from the use of hard-coded key-encrypted AES-ECB to store user documents, which could lead to unclassification and restoration of a user name and password.

Hazard Level

Low

Vulnerability Type

其他

Affected Vendor

万可

Published

2026-02-09

Last Modified

2026-02-24

References

https://certvde.com/de/advisories/VDE-2026-004 https://access.redhat.com/security/cve/cve-2026-22906

Patch

https://www.wago.com/

Share on: