CVE-2026-22905 | WAGO 0852-1322/0852-1328 up to 2.64 CGI Endpoint /js/../cgi-bin/post.cgi path traversal (VDE-2026-004)

Inserito da Angelo Barbosa | Feb 9, 2026 | CVE

A vulnerability described as critical has been identified in WAGO 0852-1322 and 0852-1328 up to 2.64. Affected by this issue is some unknown functionality of the file /js/../cgi-bin/post.cgi of the component CGI Endpoint. Such manipulation leads to path traversal.

This vulnerability is uniquely identified as CVE-2026-22905. The attack can be launched remotely. No exploit exists.

CVE-2026-22905 | WAGO 0852-1322/0852-1328 up to 2.64 CGI Endpoint /js/../cgi-bin/post.cgi path traversal (VDE-2026-004)

Post correlati

CVE-2025-7144 | SourceCodester Best Salon Management System 1.0 Admin Profile Page /panel/admin-profile.php Admin Name cross site scripting

CVE-2025-14801 | xiweicheng TMS up to 2.28.0 create createComment content cross site scripting

CVE-2024-50508 | Chetan Khandla Woocommerce Product Design Plugin up to 1.0.0 on WordPress path traversal

CVE-2025-12416 | Pagerank Tools Plugin up to 1.1.5 on WordPress pr_save_settings cross-site request forgery