17 July 2018

Multiple vulnerabilities fixed in WAGO operator panels

WAGO has fixed multiple vulnerabilities in e!DISPLAY 7300T series HMI devices, including an XSS vulnerabilitiy (CVE-2018-12981), an unrestricted file uploading vulnerability (CVE2018-12980) and a weak file permissions vulnerability (CVE-2018-12979).

The vulnerabilities affect the following e!DISPLAY models with firmware version 01:

  • 7300T 762-3000
  • 762-3001
  • 762-3002
  • 762-3003.

The vendor has fixed the above vulnerabilities in firmware version 02.

Source: WAGO