CNNVD-202602-1362 Information

Feb 09, 2026 cve

CNNVD ID

CNNVD-202602-1362

CVE-2026-22904

CNNVD Published: 2026-02-09

Description (Chinese)

WAGO Industrial-Managed-Switch 0852-1322和WAGO Industrial-Managed-Switch 0852-1328都是德国万可（WAGO）公司的一个工业级管理型以太网交换机。 WAGO Industrial-Managed-Switch 0852-1322和WAGO Industrial-Managed-Switch 0852-1328存在安全漏洞，该漏洞源于解析多个cookie字段时长度处理不当，可能导致未经验证的远程攻击者发送超大cookie值触发栈缓冲区溢出，造成拒绝服务或远程代码执行。

Description (English)

WAGO Industrial-Managed-Switch 0852-1322 and WAGO Industrial-Managed-Switch 0852-1328 are both industrial-scale management-based Ethernet switches of WAGO, Germany. There is a security loophole between WHO Industrial-Managed-Switch 0852-1322 and WHO Industrial-Managed-Switch 0852-1328, which stems from the mishandling of multiple cookies fields at the time of deciphering, which could result in an unverified remote attacker sending an ultra-cookie value to trigger a buffer zone, causing a service denial or remote code execution.

Hazard Level

Low

Vulnerability Type

其他

Affected Vendor

万可

Published

2026-02-09

Last Modified

2026-02-24

References

https://certvde.com/de/advisories/VDE-2026-004 https://access.redhat.com/security/cve/cve-2026-22904

Patch

https://www.wago.com/

Share on: