CVE-2025-41672

Summary

A remote unauthenticated attacker may use default certificates to generate JWT Tokens and gain full access to the tool and all connected devices.

Affected Software

VendorProductVersion RangeStatus
WAGOWago Device Sphere1.0.0affected

Weaknesses

  • CWE-1188: CWE-1188

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: total

References