Security Advisory

CVE-2024-1490

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-04-09 10:52:41

Last updated 2026-04-09 16:15:38

Assigner CERTVDE

State PUBLISHED

Description

An authenticated remote attacker with high privileges can exploit the OpenVPN configuration via the web-based management interface of a WAGO PLC. If user-defined scripts are permitted, OpenVPN may allow the execution of arbitrary shell commands enabling the attacker to run arbitrary commands on the device.

← Browse all CVEs View on cve.org ↗