CVE-2022-50926 HIGH

CVE-2022-50926: WAGO 750-8212 PFC200 G2 2ETH RS Privilege Escalation

Vendor Wago
Product WAGO 750-8212 PFC200
Weakness CWE-565 · Reliance on cookies
Published January 13, 2026
Last update January 14, 2026

CVSS base score

8.7/10
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

What the vulnerability does

01Description

WAGO 750-8212 PFC200 G2 2ETH RS firmware contains a privilege escalation vulnerability that allows attackers to manipulate user session cookies. Attackers can modify the cookie's 'name' and 'roles' parameters to elevate from ordinary user to administrative privileges without authentication.

Key dates

02Disclosure timeline

January 13, 2026 CVE published
January 14, 2026 Record updated