CNNVD-202602-1363 Information

Feb 09, 2026 cve

CNNVD ID

CNNVD-202602-1363

CVE-2026-22903

CNNVD Published: 2026-02-09

Description (Chinese)

WAGO Industrial-Managed-Switch 0852-1322和WAGO Industrial-Managed-Switch 0852-1328都是德国万可（WAGO）公司的一个工业级管理型以太网交换机。 WAGO Industrial-Managed-Switch 0852-1322和WAGO Industrial-Managed-Switch 0852-1328存在安全漏洞，该漏洞源于解析包含过长SESSIONID cookie的特制HTTP请求时存在栈缓冲区溢出，可能导致服务崩溃和远程代码执行。

Description (English)

WAGO Industrial-Managed-Switch 0852-1322 and WAGO Industrial-Managed-Switch 0852-1328 are both industrial-scale management-based Ethernet switches of WAGO, Germany. There is a security gap between WHO Industrial-Managed-Switch 0852-1322 and WHO Industrial-Managed-Switch 0852-1328, which stems from the presence of a buffer zone at the time of the analysis of a specially designed HTTP request containing too long SESSIONID cookies, which could lead to service collapse and remote code implementation.

Hazard Level

Low

Vulnerability Type

其他

Affected Vendor

万可

Published

2026-02-09

Last Modified

2026-02-24

References

https://certvde.com/de/advisories/VDE-2026-004 https://access.redhat.com/security/cve/cve-2026-22903

Patch

https://www.wago.com/

Share on: