Lucene search

[email protected]CVE-2021-34568

HistoryNov 09, 2022 - 4:15 p.m.

CVE-2021-34568

2022-11-0916:15:00

CWE-770

[email protected]

web.nvd.nist.gov

cve-2021-34568

wago

i/o-check service

denial of service

os commands

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.6 High

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.002 Low

EPSS

Percentile

53.3%

JSON

In WAGO I/O-Check Service in multiple products an unauthenticated remote attacker can send a specially crafted packet containing OS commands to provoke a denial of service.

CPENameOperatorVersion
wago:750-8100_firmwarewago 750-8100 firmwarelt18
wago:750-8101_firmwarewago 750-8101 firmwarelt18
wago:750-8101\/025-000_firmwarewago 750-8101\/025-000 firmwarelt18
wago:750-8102_firmwarewago 750-8102 firmwarelt18
wago:750-8102\/025-000_firmwarewago 750-8102\/025-000 firmwarelt18
wago:750-8202_firmwarewago 750-8202 firmwarelt18
wago:750-8202\/000-011_firmwarewago 750-8202\/000-011 firmwarelt18
wago:750-8202\/000-012_firmwarewago 750-8202\/000-012 firmwarelt18
wago:750-8202\/000-022_firmwarewago 750-8202\/000-022 firmwarelt18
wago:750-8202\/025-000_firmwarewago 750-8202\/025-000 firmwarelt18

CPE	Name	Operator	Version
wago:750-8100_firmware	wago 750-8100 firmware	lt	18
wago:750-8101_firmware	wago 750-8101 firmware	lt	18
wago:750-8101\/025-000_firmware	wago 750-8101\/025-000 firmware	lt	18
wago:750-8102_firmware	wago 750-8102 firmware	lt	18
wago:750-8102\/025-000_firmware	wago 750-8102\/025-000 firmware	lt	18
wago:750-8202_firmware	wago 750-8202 firmware	lt	18
wago:750-8202\/000-011_firmware	wago 750-8202\/000-011 firmware	lt	18
wago:750-8202\/000-012_firmware	wago 750-8202\/000-012 firmware	lt	18
wago:750-8202\/000-022_firmware	wago 750-8202\/000-022 firmware	lt	18
wago:750-8202\/025-000_firmware	wago 750-8202\/025-000 firmware	lt	18

Rows per page:

1-10 of 491

References

cert.vde.com/en/advisories/VDE-2020-036/

Social References

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.6 High

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.002 Low

EPSS

Percentile

53.3%

JSON

Related for CVE-2021-34568

prion1 nessus1 threatpost1 thn1