Multiple vulnerabilities in WAGO PFC200 and WAGO PFC100 Controllers
| Risk | High |
| Patch available | NO |
| Number of vulnerabilities | 28 |
| CVE-ID | CVE-2019-5174 CVE-2019-5173 CVE-2019-5172 CVE-2019-5171 CVE-2019-5170 CVE-2019-5169 CVE-2019-5168 CVE-2019-5175 CVE-2019-5167 CVE-2019-5149 CVE-2019-5134 CVE-2019-5135 CVE-2019-5181 CVE-2019-5180 CVE-2019-5179 CVE-2019-5178 CVE-2019-5177 CVE-2019-5182 CVE-2019-5176 CVE-2019-5155 CVE-2019-5156 CVE-2019-5160 CVE-2019-5161 CVE-2019-5157 CVE-2019-5166 CVE-2019-5184 CVE-2019-5186 CVE-2019-5185 |
| CWE-ID | CWE-78 CWE-777 CWE-208 CWE-119 CWE-284 CWE-345 CWE-415 |
| Exploitation vector | Network |
| Public exploit |
Public exploit code for vulnerability #11 is available. Public exploit code for vulnerability #25 is available. Public exploit code for vulnerability #26 is available. |
| Vulnerable software Subscribe |
Wago PFC200 Controller Hardware solutions / Firmware WAGO PFC100 Controller Hardware solutions / Firmware |
| Vendor | WAGO |
Security Bulletin
This security bulletin contains information about 28 vulnerabilities.
1) OS Command Injection
EUVDB-ID: #VU26283
Risk: High
CVSSv3.1: 8.1 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2019-5174
CWE-ID:
CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary shell commands on the target system.
The vulnerability exists due to improper input validation in the iocheckd service "I/O-Check" function in the "subnetmask" value. A remote authenticated attacker can use a specially crafted XML cache file and execute arbitrary OS commands on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsWago PFC200 Controller: 03.02.02(14)
External linkshttp://talosintelligence.com/vulnerability_reports/TALOS-2019-0962
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) OS Command Injection
EUVDB-ID: #VU26282
Risk: High
CVSSv3.1: 8.1 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2019-5173
CWE-ID:
CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary shell commands on the target system.
The vulnerability exists due to improper input validation in the iocheckd service "I/O-Check" function in the "state" value. A remote authenticated attacker can use a specially crafted XML cache file and execute arbitrary OS commands on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsWago PFC200 Controller: 03.02.02(14)
External linkshttp://talosintelligence.com/vulnerability_reports/TALOS-2019-0962
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) OS Command Injection
EUVDB-ID: #VU26281
Risk: High
CVSSv3.1: 8.1 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2019-5172
CWE-ID:
CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary shell commands on the target system.
The vulnerability exists due to improper input validation in the iocheckd service "I/O-Check" function in the "ntp" value. A remote authenticated attacker can use a specially crafted XML cache file and execute arbitrary OS commands on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsWago PFC200 Controller: 03.02.02(14)
External linkshttp://talosintelligence.com/vulnerability_reports/TALOS-2019-0962
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) OS Command Injection
EUVDB-ID: #VU26280
Risk: High
CVSSv3.1: 8.1 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2019-5171
CWE-ID:
CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary shell commands on the target system.
The vulnerability exists due to improper input validation in the iocheckd service "I/O-Check" function in the "ip" value. A remote authenticated attacker can use a specially crafted XML cache file and execute arbitrary OS commands on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsWago PFC200 Controller: 03.02.02(14)
External linkshttp://talosintelligence.com/vulnerability_reports/TALOS-2019-0962
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) OS Command Injection
EUVDB-ID: #VU26279
Risk: High
CVSSv3.1: 8.1 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2019-5170
CWE-ID:
CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary shell commands on the target system.
The vulnerability exists due to improper input validation in the iocheckd service "I/O-Check" function in the "hostname" value. A remote authenticated attacker can use a specially crafted XML cache file and execute arbitrary OS commands on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsWago PFC200 Controller: 03.02.02(14)
External linkshttp://talosintelligence.com/vulnerability_reports/TALOS-2019-0962
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) OS Command Injection
EUVDB-ID: #VU26278
Risk: High
CVSSv3.1: 8.1 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2019-5169
CWE-ID:
CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary shell commands on the target system.
The vulnerability exists due to improper input validation in the iocheckd service "I/O-Check" function in the "gateway" value. A remote authenticated attacker can use a specially crafted XML cache file and execute arbitrary OS commands on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsWago PFC200 Controller: 03.02.02(14)
External linkshttp://talosintelligence.com/vulnerability_reports/TALOS-2019-0962
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
7) OS Command Injection
EUVDB-ID: #VU26277
Risk: High
CVSSv3.1: 8.1 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2019-5168
CWE-ID:
CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary shell commands on the target system.
The vulnerability exists due to improper input validation in the iocheckd service "I/O-Check" function in the "domainname" value. A remote authenticated attacker can use a specially crafted XML cache file and execute arbitrary OS commands on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsWago PFC200 Controller: 03.02.02(14)
External linkshttp://talosintelligence.com/vulnerability_reports/TALOS-2019-0962
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
8) OS Command Injection
EUVDB-ID: #VU26276
Risk: High
CVSSv3.1: 8.1 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2019-5175
CWE-ID:
CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary shell commands on the target system.
The vulnerability exists due to improper input validation in the iocheckd service "I/O-Check" function in the "type" value. A remote authenticated attacker can use a specially crafted XML cache file and execute arbitrary OS commands on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsWago PFC200 Controller: 03.02.02(14)
External linkshttp://talosintelligence.com/vulnerability_reports/TALOS-2019-0962
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
9) OS Command Injection
EUVDB-ID: #VU26275
Risk: High
CVSSv3.1: 8.1 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2019-5167
CWE-ID:
CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary shell commands on the target system.
The vulnerability exists due to improper input validation in the iocheckd service "I/O-Check" function in the "dns" value. A remote authenticated attacker can use a specially crafted XML cache file and execute arbitrary OS commands on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsWago PFC200 Controller: 03.02.02(14)
External linkshttp://talosintelligence.com/vulnerability_reports/TALOS-2019-0962
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
10) Insufficient Resource Pool
EUVDB-ID: #VU26274
Risk: Medium
CVSSv3.1: 4.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:U/RL:U/RC:C]
CVE-ID: CVE-2019-5149
CWE-ID: N/A
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists within the Web-Based Management (WBM) due to the default configuration of the FastCGI module appears to limit the number of concurrent php-cgi processes to two. A remote attacker can trigger resource exhaustion and cause a denial of service condition on the target webserver.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsWAGO PFC100 Controller: 03.00.39(12) - 03.02.02(14)
Wago PFC200 Controller: 03.00.39(12) - 03.01.07(13)
External linkshttp://talosintelligence.com/vulnerability_reports/TALOS-2019-0939
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
11) Regular Expression without Anchors
EUVDB-ID: #VU26273
Risk: Medium
CVSSv3.1: 5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:U/RC:C]
CVE-ID: CVE-2019-5134
CWE-ID:
CWE-777 - Regular Expression without Anchors
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to the regular expression without anchors issue in the Web-Based Management (WBM) authentication functionality. A remote attacker can use a specially crafted authentication request to bypass regular expression filters and gain access to sensitive information on the target system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsWago PFC200 Controller: 03.00.39(12) - 03.01.07(13)
WAGO PFC100 Controller: 03.00.39(12)
External linkshttp://talosintelligence.com/vulnerability_reports/TALOS-2019-0923
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
12) Information Exposure Through Timing Discrepancy
EUVDB-ID: #VU26272
Risk: Medium
CVSSv3.1: 4.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:U/RC:C]
CVE-ID: CVE-2019-5135
CWE-ID:
CWE-208 - Information Exposure Through Timing Discrepancy
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to the an exploitable timing discrepancy issue in the authentication functionality of the Web-Based Management (WBM) web application. A remote attacker can exploit the PHP "crypt()" function and disclose hashed user credentials.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsWAGO PFC100 Controller: 03.00.39(12)
Wago PFC200 Controller: 03.00.39(12) - 03.01.07(13)
External linkshttp://talosintelligence.com/vulnerability_reports/TALOS-2019-0924
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
13) Buffer overflow
EUVDB-ID: #VU26271
Risk: High
CVSSv3.1: 8.1 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2019-5181
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in the iocheckd service "I/O-Check" functionality in the "subnetmask" value. A remote authenticated attacker can use a specially crafted XML cache file, trigger memory corruption and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsWago PFC200 Controller: 03.02.02(14)
External linkshttp://talosintelligence.com/vulnerability_reports/TALOS-2019-0963
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
14) Buffer overflow
EUVDB-ID: #VU26270
Risk: High
CVSSv3.1: 8.1 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2019-5180
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in the iocheckd service "I/O-Check" functionality in the "ip" value. A remote authenticated attacker can use a specially crafted XML cache file, trigger memory corruption and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsWago PFC200 Controller: 03.02.02(14)
External linkshttp://talosintelligence.com/vulnerability_reports/TALOS-2019-0963
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
15) Buffer overflow
EUVDB-ID: #VU26269
Risk: High
CVSSv3.1: 8.1 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2019-5179
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in the iocheckd service "I/O-Check" functionality in the "ntp" value. A remote authenticated attacker can use a specially crafted XML cache file, trigger memory corruption and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsWago PFC200 Controller: 03.02.02(14)
External linkshttp://talosintelligence.com/vulnerability_reports/TALOS-2019-0963
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
16) Buffer overflow
EUVDB-ID: #VU26268
Risk: High
CVSSv3.1: 8.1 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2019-5178
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in the iocheckd service "I/O-Check" functionality in the "hostname" value. A remote authenticated attacker can use a specially crafted XML cache file, trigger memory corruption and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsWago PFC200 Controller: 03.02.02(14)
External linkshttp://talosintelligence.com/vulnerability_reports/TALOS-2019-0963
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
17) Buffer overflow
EUVDB-ID: #VU26267
Risk: High
CVSSv3.1: 8.1 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2019-5177
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in the iocheckd service "I/O-Check" functionality in the "domainname" value. A remote authenticated attacker can use a specially crafted XML cache file, trigger memory corruption and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsWago PFC200 Controller: 03.02.02(14)
External linkshttp://talosintelligence.com/vulnerability_reports/TALOS-2019-0963
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
18) Buffer overflow
EUVDB-ID: #VU26266
Risk: High
CVSSv3.1: 8.1 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2019-5182
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in the iocheckd service "I/O-Check" functionality in the "type" value. A remote authenticated attacker can use a specially crafted XML cache file, trigger memory corruption and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsWago PFC200 Controller: 03.02.02(14)
External linkshttp://talosintelligence.com/vulnerability_reports/TALOS-2019-0963
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
19) Buffer overflow
EUVDB-ID: #VU26265
Risk: High
CVSSv3.1: 8.1 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2019-5176
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in the iocheckd service "I/O-Check" functionality in the "gateway" value. A remote authenticated attacker can use a specially crafted XML cache file, trigger memory corruption and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsWago PFC200 Controller: 03.02.02(14)
External linkshttp://talosintelligence.com/vulnerability_reports/TALOS-2019-0963
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
20) OS Command Injection
EUVDB-ID: #VU26264
Risk: Medium
CVSSv3.1: 6.6 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2019-5155
CWE-ID:
CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Exploit availability: No
DescriptionThe vulnerability allows a remote user to execute arbitrary shell commands on the target system.
The vulnerability exists due to improper input validation in the Cloud Connectivity feature. A remote administrator can inject arbitrary OS commands into any of the parameter values contained in the Firmware Update command.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsWago PFC200 Controller: 03.00.39(12) - 03.02.02(14)
External linkshttp://talosintelligence.com/vulnerability_reports/TALOS-2019-0948
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
21) OS Command Injection
EUVDB-ID: #VU26262
Risk: Medium
CVSSv3.1: 6.6 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2019-5156
CWE-ID:
CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Exploit availability: No
DescriptionThe vulnerability allows a remote user to execute arbitrary shell commands on the target system.
The vulnerability exists due to improper input validation in the Cloud Connectivity functionality in the "TimeoutPrepared" parameter. A remote administrator can execute arbitrary OS commands on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsWago PFC200 Controller: 03.00.39(12) - 03.02.02(14)
External linkshttp://talosintelligence.com/vulnerability_reports/TALOS-2019-0949
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
22) Improper access control
EUVDB-ID: #VU26261
Risk: Medium
CVSSv3.1: 6.6 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2019-5160
CWE-ID:
CWE-284 - Improper Access Control
Exploit availability: No
DescriptionThe vulnerability allows a remote user to gain unauthorized access to otherwise restricted functionality.
The vulnerability exists due to improper access restrictions in the Cloud Connectivity functionality. A remote administrator can use a specially crafted HTTPS POST request, bypass implemented security restrictions and gain unauthorized access to firmware update functionality.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsWago PFC200 Controller: 03.00.39(12) - 03.02.02(14)
External linkshttp://talosintelligence.com/vulnerability_reports/TALOS-2019-0953
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
23) Insufficient verification of data authenticity
EUVDB-ID: #VU26258
Risk: Medium
CVSSv3.1: 6.6 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2019-5161
CWE-ID:
CWE-345 - Insufficient Verification of Data Authenticity
Exploit availability: No
DescriptionThe vulnerability allows a remote user to execute arbitrary code on the target system.
The vulnerability exists within the Cloud Connectivity functionality due to the affected software does not sufficiently verify the origin or authenticity of data, in a way that causes it to accept invalid data. A remote administrator can use a specially crafted XML file and execute a shell script with root privileges.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsWago PFC200 Controller: 03.00.39(12) - 03.02.02(14)
External linkshttp://talosintelligence.com/vulnerability_reports/TALOS-2019-0954
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
24) OS Command Injection
EUVDB-ID: #VU26256
Risk: Medium
CVSSv3.1: 6.6 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2019-5157
CWE-ID:
CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Exploit availability: No
DescriptionThe vulnerability allows a remote user to execute arbitrary shell commands on the target system.
The vulnerability exists due to improper input validation within the Cloud Connectivity functionality in the "TimeoutUnconfirmed" parameter value contained in the Firmware Update command. A remote administrator can execute arbitrary OS commands on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsWago PFC200 Controller: 03.00.39(12) - 03.02.02(14)
External linkshttp://talosintelligence.com/vulnerability_reports/TALOS-2019-0950
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
25) Buffer overflow
EUVDB-ID: #VU26255
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:U/RC:C]
CVE-ID: CVE-2019-5166
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in the iocheckd service "I/O-Check" functionality. A remote authenticated attacker can use a specially crafted XML cache file, trigger memory corruption and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsWago PFC200 Controller: 03.02.02(14)
External linkshttp://talosintelligence.com/vulnerability_reports/TALOS-2019-0961
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
26) Double Free
EUVDB-ID: #VU26254
Risk: High
CVSSv3.1: 7.1 [CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:U/RC:C]
CVE-ID: CVE-2019-5184
CWE-ID:
CWE-415 - Double Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary error in the iocheckd service "I/O-Check" functionality. A remote authenticated attacker can use a specially crafted XML cache file, trigger double free error and cause a denial of service condition on the target system, leading to remote code execution.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsWago PFC200 Controller: 03.02.02(14)
External linkshttp://www.talosintelligence.com/vulnerability_reports/TALOS-2019-0965
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
27) Buffer overflow
EUVDB-ID: #VU26253
Risk: Medium
CVSSv3.1: 6.9 [CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2019-5186
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists within the "interface" parameter due to a boundary error in the iocheckd service "I/O-Check" functionality. A remote authenticated attacker can use a specially crafted xml cache file, trigger memory corruption and cause a denial of service condition on the target system, leading to remote code execution.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsWago PFC200 Controller: 03.02.02(14)
External linkshttp://www.talosintelligence.com/vulnerability_reports/TALOS-2019-0966
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
28) Buffer overflow
EUVDB-ID: #VU26252
Risk: Medium
CVSSv3.1: 6.9 [CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2019-5185
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists within the "state" parameter due to a boundary error in the iocheckd service "I/O-Check" functionality. A remote authenticated attacker can use a specially crafted xml cache file, trigger memory corruption and cause a denial of service condition on the target system, leading to remote code execution.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsWago PFC200 Controller: 03.02.02(14)
External linkshttp://www.talosintelligence.com/vulnerability_reports/TALOS-2019-0966
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
