WAGO 750-8212 PFC200 G2 2ETH RS Privilege Escalation

Advisories

severity: high
date: January 13, 2026
Affecting: WAGO 750-8212 PFC200 Firmware version 03.05.10(17)
CVE: CVE-2022-50926
CWE: CWE-565 Reliance on Cookies without Validation and Integrity Checking
CVSS: 8.7
CVSS V4 Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
References: ExploitDB-50793
Official Vendor Homepage
Credit: Momen Eldawakhly (Cyber Guy) at Cypro AB
Description: WAGO 750-8212 PFC200 G2 2ETH RS firmware contains a privilege escalation vulnerability that allows attackers to manipulate user session cookies. Attackers can modify the cookie's 'name' and 'roles' parameters to elevate from ordinary user to administrative privileges without authentication.