CVE-2026-3587 is a critical remote compromise issue affecting multiple WAGO industrial managed switch models in the 852 family. The advisory states that an unauthenticated attacker can exploit a hidden function in the CLI prompt to escape the restricted interface and reach root-level access, resulting in full device compromise. CISA’s CSAF republication ties the issue to WAGO GmbH & Co. KG industrial mana [truncated]
CVE-2016-9362 is a critical authentication flaw in the web server of several WAGO controllers. According to the CVE description, an attacker can use a specific URL to view and edit settings without authenticating. The issue was publicly disclosed on 2017-02-13 and carries a CVSS 3.0 score of 9.1.