HIGHCVE-2026-2328Published Modified CNA CERTVDE
CVE-2026-2328: Backend Access Due to Insufficient Input Validation
An unauthenticated remote attacker can exploit insufficient input validation to access backend components beyond their intended scope via path traversal, resulting in exposure of sensitive information.
Metrics
- CVSS v3.1
- 7.5
- Severity
- HIGH
- Fixed in
- 1.2.2
- Affected Products
- 2
Fix available
1.2.22.4.2
Affected packages
- WAGO / Device Sphere< 1.2.2 (from 0.0.0)
- WAGO / Solution Builder< 2.4.2 (from 0.0.0)
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NReferences