Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistTalosCVELIST:CVE-2019-5176
HistoryMar 11, 2020 - 11:24 p.m.

CVE-2019-5176

2020-03-1123:24:58
talos
www.cve.org

6.2 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

15.8%

JSON

An exploitable stack buffer overflow vulnerability vulnerability exists in the iocheckd service ‘I/O-Check’ functionality of WAGO PFC 200 Firmware version 03.02.02(14). An attacker can send a specially crafted packet to trigger the parsing of this cache file.The destination buffer sp+0x40 is overflowed with the call to sprintf() for any gateway values that are greater than 512-len(‘/etc/config-tools/config_default_gateway number=0 state=enabled value=‘) in length. A gateway value of length 0x7e2 will cause the service to crash.

CNA Affected

[
  {
    "product": "WAGO PFC200",
    "vendor": "Wago",
    "versions": [
      {
        "status": "affected",
        "version": "Firmware version 03.02.02(14)"
      }
    ]
  }
]

Related

nvd 1
nessus 1
cve 1
prion 1
talos 1
nvd
nvd
CVE-2019-5176
2020-03-12 00:15:18
nessus
nessus
Wago PFC200 iocheckd service 'I/O-Check' cache Code Execution (CVE-2019-5176)
2023-02-14 00:00:00
cve
cve
CVE-2019-5176
2020-03-12 00:15:18
prion
prion
Stack overflow
2020-03-12 00:15:00
talos
talos
WAGO PFC200 iocheckd service "I/O-Check" cache Multiple Code Execution Vulnerabilities
2020-03-09 00:00:00

6.2 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

15.8%

JSON
Related for CVELIST:CVE-2019-5176
nvd1nessus1cve1prion1talos1