CVE-2022-50926

HIGH EPSS 37.6%

Published Jan 13, 20265mo ago · Modified Jun 17, 20261w ago

8.7 CVSS 4.0

High

Published Jan 13, 2026 5mo ago

Last Modified Jun 17, 2026 1w ago

Description

WAGO 750-8212 PFC200 G2 2ETH RS firmware contains a privilege escalation vulnerability that allows attackers to manipulate user session cookies. Attackers can modify the cookie's 'name' and 'roles' parameters to elevate from ordinary user to administrative privileges without authentication.

CVSS Details

Base Score

8.7

Exploitability

—

Impact

—

Vector string

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Attack Vector Network

Attack Complexity Low

Privileges Required Low

User Interaction None

Scope X

Threat Intelligence

EPSS Exploit Probability

37.6% percentile

Exploit & Patch Status

No Known Exploit

No Patch Available

Weaknesses 1

CWE-565

References 3

exploit-db.com https://www.exploit-db.com/exploits/50793
vulncheck.com https://www.vulncheck.com/advisories/wago-pfc-g-eth-rs-privilege-escalation
wago.com https://www.wago.com

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.