Vulnerability Details :

CVE-2026-3587

Summary
Assigner: CERTVDE
Assigner Org ID: 270ccfa6-a436-4e77-922e-914ec3a9685c
Published At: 23 Mar, 2026 | 07:49
Updated At: 24 Mar, 2026 | 07:38

Hidden CLI Function Allows Root Access

An unauthenticated remote attacker can exploit a hidden function in the CLI prompt to escape the restricted interface, leading to full compromise of the device.

Common Vulnerabilities and Exposures (CVE)
cve.org
CVE Numbering Authority (CNA)
Affected Products
Vendor: WAGO (all entries)
Default Status: unaffected (all entries)
Affected versions, by product:
  • Lean Managed Switch 852-1812: from 0.0.0 before V1.2.1.S0 (semver)
  • Lean Managed Switch 852-1813: from 0.0.0 before V1.2.1.S0 (semver)
  • Lean Managed Switch 852-1813-000-001: from 0.0.0 before V1.2.3.S0 (semver)
  • Lean Managed Switch 852-1816: from 0.0.0 before V1.2.1.S0 (semver)
  • Industrial Managed Switch 852-303: from 0.0.0 before V1.2.8.S0 (semver)
  • Industrial Managed Switch 852-1305: from 0.0.0 before V1.2.0.S0 (semver)
  • Industrial Managed Switch 852-1305-000-001: from 0.0.0 before V1.2.0.S0 (semver)
  • Industrial Managed Switch 852-1505-000-001: from 0.0.0 before V1.2.0.S0 (semver)
  • Industrial Managed Switch 852-1505: from 0.0.0 before V1.1.9.S0 (semver)
  • Industrial Managed Switch 852-602: from 0.0.0 before V1.0.6.S0 (semver)
  • Industrial Managed Switch 852-603: from 0.0.0 before V1.0.6.S0 (semver)
  • Industrial Managed Switch 852-1605: from 0.0.0 before V1.2.5.S0 (semver)
  • Lean Managed Switch 852-1812-010-000: from 0.0.0 before V1.2.1.S0 (semver)
  • Lean Managed Switch 852-1813-010-000: from 0.0.0 before V1.2.1.S0 (semver)
  • Lean Managed Switch 852-1816-010-000: from 0.0.0 before V1.2.1.S0 (semver)
  • Lean Managed Switch 852-1813/010-001: from 0.0.0 before V1.2.1.S0 (semver)
Problem Types
Type: CWE
CWE ID: CWE-912
Description: CWE-912 Hidden Functionality
Metrics
Version: 3.1
Base score: 10.0
Base severity: CRITICAL
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
References
Hyperlink: https://certvde.com/de/advisories/VDE-2026-020
Resource: N/A
Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Information is not available yet
National Vulnerability Database (NVD)
nvd.nist.gov
Source: info@cert.vde.com
Published At: 23 Mar, 2026 | 08:16
Updated At: 24 Mar, 2026 | 08:16

CISA Catalog
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
Type: Secondary
Version: 3.1
Base score: 10.0
Base severity: CRITICAL
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Weaknesses
CWE ID: CWE-912
Type: Secondary
Source: info@cert.vde.com
References
Hyperlink: https://certvde.com/de/advisories/VDE-2026-020
Source: info@cert.vde.com
Resource: N/A


Similar CVEs

5 records found

CVE-2025-41672
Matching Score: 8
Assigner: CERT@VDE
CVSS Score: 10 (CRITICAL)
EPSS: 0.34% / 57.11%
7 Day CHG: ~0.00%
Published: 07 Jul, 2025 | 06:17
Updated: 08 Jul, 2025 | 16:18
Rejected: Not Available
Known To Be Used In Ransomware Campaigns?: Not Available
KEV Added: Not Available
KEV Action Due Date: Not Available
WAGO: Vulnerability in WAGO Device Sphere

A remote unauthenticated attacker may use default certificates to generate JWT Tokens and gain full access to the tool and all connected devices.

Action: Not Available
Vendor: WAGO
Product: Wago Device Sphere
CWE ID: CWE-1188 (Initialization of a Resource with an Insecure Default)

CVE-2021-20998
Matching Score: 8
Assigner: CERT@VDE
CVSS Score: 10 (CRITICAL)
EPSS: 0.17% / 38.07%
7 Day CHG: ~0.00%
Published: 13 May, 2021 | 13:45
Updated: 17 Sep, 2024 | 00:51
Rejected: Not Available
Known To Be Used In Ransomware Campaigns?: Not Available
KEV Added: Not Available
KEV Action Due Date: Not Available
WAGO: Managed Switches: Unauthorized creation of user accounts

In multiple managed switches by WAGO in different versions without authorization and with specially crafted packets it is possible to create users.

Action: Not Available
Vendor: wago, WAGO
Product: 0852-1305_firmware, 0852-1305, 0852-1305\/000-001_firmware, 0852-1505\/000-001, 0852-0303_firmware, 0852-1305\/000-001, 0852-1505\/000-001_firmware, 0852-1505_firmware, 0852-0303, 0852-1505, 0852-1305, 0852-1305/000-001, 0852-1505/000-001, 0852-0303, 0852-1505
CWE ID: CWE-306 (Missing Authentication for Critical Function)

CVE-2020-12522
Matching Score: 8
Assigner: CERT@VDE
CVSS Score: 10 (CRITICAL)
EPSS: 0.19% / 41.29%
7 Day CHG: ~0.00%
Published: 17 Dec, 2020 | 22:40
Updated: 16 Sep, 2024 | 18:14
Rejected: Not Available
Known To Be Used In Ransomware Campaigns?: Not Available
KEV Added: Not Available
KEV Action Due Date: Not Available
Command Injection Vulnerability in I/O-Check Service of WAGO PFC100, PFC200 and Touch Panel 600 Series with firmware versions <=FW10

The reported vulnerability allows an attacker who has network access to the device to execute code with specially crafted packets in WAGO Series PFC 100 (750-81xx/xxx-xxx), Series PFC 200 (750-82xx/xxx-xxx), Series Wago Touch Panel 600 Standard Line (762-4xxx), Series Wago Touch Panel 600 Advanced Line (762-5xxx), Series Wago Touch Panel 600 Marine Line (762-6xxx) with firmware versions <=FW10.

Action: Not Available
Vendor: wago, WAGO
Product: 750-8212\/025-002, 762-4304\/8000-002, 762-4303\/8000-002, 750-8211\/040-001, touch_panel_600_marine_firmware, 762-4301\/8000-002, 750-8207\/025-000, 750-8202\/040-000, pfc_100_firmware, 750-8210\/040-000, 750-8216\/025-001, 762-5303\/8000-002, 750-8210\/025-000, 762-4302\/8000-002, touch_panel_600_advanced_firmware, 750-8206\/040-001, 750-8202\/040-001, 750-8206\/040-000, 750-8206\/025-000, 750-8211\/040-000, 750-8102\/025-000, 750-8217\/025-000, 762-6201\/8000-001, 750-8212\/025-000, 750-8212\/025-001, 750-8213\/040-010, 750-8207\/025-001, 762-5304\/8000-002, pfc_200_firmware, 750-8101\/025-000, 750-8206\/025-001, 750-8216\/025-000, 750-8202\/000-012, 750-8202\/000-022, 750-8208\/025-001, 762-6203\/8000-001, touch_panel_600_standard_firmware, 762-6202\/8000-001, 750-8208\/025-000, 750-8212\/040-010, 750-8212\/040-000, 762-6204\/8000-001, Series PFC 100 (750-81xx/xxx-xxx), Series Wago Touch Panel 600 Standard Line (762-4xxx), Series Wago Touch Panel 600 Marine Line (762-6xxx), Series Wago Touch Panel 600 Advanced Line (762-5xxx), Series PFC 200 (750-82xx/xxx-xxx)
CWE ID: CWE-78 (Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection'))

CVE-2022-3843
Matching Score: 6
Assigner: CERT@VDE
CVSS Score: 9.1 (CRITICAL)
EPSS: 0.63% / 70.77%
7 Day CHG: ~0.00%
Published: 16 Feb, 2023 | 14:58
Updated: 18 Mar, 2025 | 14:41
Rejected: Not Available
Known To Be Used In Ransomware Campaigns?: Not Available
KEV Added: Not Available
KEV Action Due Date: Not Available
WAGO: Exposure of configuration interface in unmanaged switches

In WAGO Unmanaged Switch (852-111/000-001) in firmware version 01 an undocumented configuration interface without authorization allows a remote attacker to read system information and configure a limited set of parameters.

Action: Not Available
Vendor: wago, WAGO
Product: 852-111\/000-001_firmware, 852-111\/000-001, Unmanaged Switch 852-111/000-001
CWE ID: CWE-912 (Hidden Functionality)

CVE-2024-39754
Matching Score: 4
Assigner: Talos
CVSS Score: 10 (CRITICAL)
EPSS: 0.34% / 57.52%
7 Day CHG: ~0.00%
Published: 14 Jan, 2025 | 14:21
Updated: 21 Aug, 2025 | 20:38
Rejected: Not Available
Known To Be Used In Ransomware Campaigns?: Not Available
KEV Added: Not Available
KEV Action Due Date: Not Available

A static login vulnerability exists in the wctrls functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted set of network packets can lead to root access. An attacker can send packets to trigger this vulnerability.

Action: Not Available
Vendor: WAVLINK Technology Ltd.
Product: wl-wn533a8_firmware, wl-wn533a8, Wavlink AC3000
CWE ID: CWE-912 (Hidden Functionality)