PT-2026-27066 · Wago · Industrial Managed Switch 852-1305+15
Published
2026-03-23
·
Updated
2026-03-23
·
CVE-2026-3587
CVSS v3.1
10
Critical
| AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H |
An unauthenticated remote attacker can exploit a hidden function in the CLI prompt to escape the restricted interface and gain root access to the underlying Linux based OS, leading to full compromise of the device.
Fix
Hidden Functionality
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Industrial Managed Switch 852-1305
Industrial Managed Switch 852-1305-000-001
Industrial Managed Switch 852-1505
Industrial Managed Switch 852-1505-000-001
Industrial Managed Switch 852-1605
Industrial Managed Switch 852-303
Industrial Managed Switch 852-602
Industrial Managed Switch 852-603
Lean Managed Switch 852-1812
Lean Managed Switch 852-1812-010-000
Lean Managed Switch 852-1813
Lean Managed Switch 852-1813-000-001
Lean Managed Switch 852-1813-010-000
Lean Managed Switch 852-1813/010-001
Lean Managed Switch 852-1816
Lean Managed Switch 852-1816-010-000