{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-2328", "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c", "state": "PUBLISHED", "assignerShortName": "CERTVDE", "dateReserved": "2026-02-11T08:12:03.792Z", "datePublished": "2026-03-30T06:55:31.424Z", "dateUpdated": "2026-03-30T18:08:02.801Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Device Sphere", "vendor": "WAGO", "versions": [{"lessThan": "1.2.2", "status": "affected", "version": "0.0.0", "versionType": "semver"}]}, {"defaultStatus": "unaffected", "product": "Solution Builder", "vendor": "WAGO", "versions": [{"lessThan": "2.4.2", "status": "affected", "version": "0.0.0", "versionType": "semver"}]}], "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Marvin Ramsperger from SySS GmbH"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "An unauthenticated remote attacker can exploit insufficient input validation to access backend components beyond their intended scope via path traversal, resulting in exposure of sensitive information.<br>"}], "value": "An unauthenticated remote attacker can exploit insufficient input validation to access backend components beyond their intended scope via path traversal, resulting in exposure of sensitive information."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-790", "description": "CWE-790 Improper Filtering of Special Elements", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c", "shortName": "CERTVDE", "dateUpdated": "2026-03-30T06:55:31.424Z"}, "references": [{"url": "https://certvde.com/de/advisories/VDE-2026-010"}], "source": {"advisory": "VDE-2026-010", "defect": ["CERT@VDE#641951"], "discovery": "UNKNOWN"}, "title": "Backend Access Due to Insufficient Input Validation", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-30T18:07:40.900442Z", "id": "CVE-2026-2328", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-30T18:08:02.801Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-2328", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-30T18:07:40.900442Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-30T18:07:47.137Z"}}], "cna": {"title": "Backend Access Due to Insufficient Input Validation", "source": {"defect": ["CERT@VDE#641951"], "advisory": "VDE-2026-010", "discovery": "UNKNOWN"}, "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Marvin Ramsperger from SySS GmbH"}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "WAGO", "product": "Device Sphere", "versions": [{"status": "affected", "version": "0.0.0", "lessThan": "1.2.2", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "WAGO", "product": "Solution Builder", "versions": [{"status": "affected", "version": "0.0.0", "lessThan": "2.4.2", "versionType": "semver"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://certvde.com/de/advisories/VDE-2026-010"}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "descriptions": [{"lang": "en", "value": "An unauthenticated remote attacker can exploit insufficient input validation to access backend components beyond their intended scope via path traversal, resulting in exposure of sensitive information.", "supportingMedia": [{"type": "text/html", "value": "An unauthenticated remote attacker can exploit insufficient input validation to access backend components beyond their intended scope via path traversal, resulting in exposure of sensitive information.<br>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-790", "description": "CWE-790 Improper Filtering of Special Elements"}]}], "providerMetadata": {"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c", "shortName": "CERTVDE", "dateUpdated": "2026-03-30T06:55:31.424Z"}}}, "cveMetadata": {"cveId": "CVE-2026-2328", "state": "PUBLISHED", "dateUpdated": "2026-03-30T18:08:02.801Z", "dateReserved": "2026-02-11T08:12:03.792Z", "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c", "datePublished": "2026-03-30T06:55:31.424Z", "assignerShortName": "CERTVDE"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "An unauthenticated remote attacker can exploit insufficient input validation to access backend components beyond their intended scope via path traversal, resulting in exposure of sensitive information."}], "id": "CVE-2026-2328", "lastModified": "2026-03-30T13:26:07.647", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "info@cert.vde.com", "type": "Primary"}]}, "published": "2026-03-30T08:16:17.210", "references": [{"source": "info@cert.vde.com", "url": "https://certvde.com/de/advisories/VDE-2026-010"}], "sourceIdentifier": "info@cert.vde.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-790"}], "source": "info@cert.vde.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0.0.0,1.2.2)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "Device Sphere", "source": "cna", "vendor": "WAGO"}, "product": "device_sphere", "vendor": "wago"}, {"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0.0.0,2.4.2)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "Solution Builder", "source": "cna", "vendor": "WAGO"}, "product": "solution_builder", "vendor": "wago"}], "analysis": {"en": {"generated_at": "2026-03-30T08:50:29.685269+00:00", "value": {"mitigation_remediation": ["Check the WAGO website or vendor portal for a patch or service pack that addresses the path traversal issue", "Apply the vendor\u2011supplied fix as soon as it becomes available", "If a fix has not been released, restrict network access to the Device Sphere and Solution Builder instances by firewalling or isolating them from untrusted networks", "Monitor logs and network traffic for abnormal path traversal attempts or unauthorized backend access"], "summary": {"action": "Check for Patch", "impact": "Unauthenticated remote path traversal exposing sensitive backend information"}, "threat_synthesis": {"affected_systems": "The affected products are WAGO Device Sphere and WAGO Solution Builder. Version data is not provided, so any installation of these products should be considered potentially vulnerable.", "description_and_impact": "An unauthenticated attacker can use insufficient input validation to perform a path traversal that reaches backend components beyond the intended boundaries. The flaw allows reading files and data that should be protected, leading to the exposure of sensitive information.", "risk_and_exploitability": "The CVSS score of 7.5 indicates a high severity. EPSS information is not available, and the vulnerability is not listed in the CISA KEV catalog. The description specifies a remote, unauthenticated attacker, so the attack vector is inferred to be network based. No explicit exploitation examples are disclosed, but the high severity score signals significant risk if the flaw remains unpatched."}}}}, "created": "2026-03-30T20:56:07.468479+00:00", "updated": "2026-03-31T20:41:14.953476+00:00", "vendors": ["wago", "wago$PRODUCT$device_sphere", "wago$PRODUCT$solution_builder"]}