#VU13848 Unrestricted upload of file with dangerous type in WAGO Hardware solutions


Published: 2021-06-17

Vulnerability identifier: #VU13848

Vulnerability risk: Low

CVSSv3.1: 5.9 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C]

CVE-ID: CVE-2018-12980

CWE-ID: CWE-434

Exploitation vector: Network

Exploit availability: Yes

Vulnerable software:
WAGO e!DISPLAY 7300T 762-300
Hardware solutions / Firmware
WAGO e!DISPLAY 7300T 762-3002
Hardware solutions / Firmware
WAGO e!DISPLAY 7300T 762-3001
Hardware solutions / Firmware
WAGO e!DISPLAY 7300T 762-3000
Hardware solutions / Firmware

Vendor: WAGO

Description
The vulnerability allows a remote authenticated attacker to bypass security restrictions.

The weakness exists due to unrestricted upload of files with dangerous types. A remote attacker can upload arbitrary files to the file system with the permissions of the web server.

Mitigation
Update to version 02.

Vulnerable software versions

WAGO e!DISPLAY 7300T 762-300: 01

WAGO e!DISPLAY 7300T 762-3002: 01

WAGO e!DISPLAY 7300T 762-3001: 01

WAGO e!DISPLAY 7300T 762-3000: 01


External links
http://www.wago.com/medias/SA-WBM-2018-004.pdf?context=bWFzdGVyfHJvb3R8MjgyNzYwfGFwcGxpY2F0aW9uL3Bk...


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, a proof of concept for this vulnerability is available.

