Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistTalosCVELIST:CVE-2019-5180
HistoryMar 11, 2020 - 11:30 p.m.

CVE-2019-5180

2020-03-1123:30:46
talos
www.cve.org
3

EPSS

0.001

Percentile

22.7%

JSON

An exploitable stack buffer overflow vulnerability vulnerability exists in the iocheckd service ‘I/O-Check’ functionality of WAGO PFC 200 Firmware version 03.02.02(14). An attacker can send a specially crafted packet to trigger the parsing of this cache file. The destination buffer sp+0x440 is overflowed with the call to sprintf() for any ip values that are greater than 1024-len(‘/etc/config-tools/config_interfaces interface=X1 state=enabled ip-address=‘) in length. A ip value of length 0x3da will cause the service to crash.

CNA Affected

[
  {
    "product": "WAGO PFC200",
    "vendor": "Wago",
    "versions": [
      {
        "status": "affected",
        "version": "Firmware version 03.02.02(14)"
      }
    ]
  }
]

Related

nvd 1
prion 1
nessus 1
cve 1
talos 1
nvd
nvd
CVE-2019-5180
2020-03-12 00:15:18
prion
prion
Stack overflow
2020-03-12 00:15:00
nessus
nessus
Wago PFC200 iocheckd service 'I/O-Check' cache Code Execution (CVE-2019-5180)
2023-02-14 00:00:00
cve
cve
CVE-2019-5180
2020-03-12 00:15:18
talos
talos
WAGO PFC200 iocheckd service "I/O-Check" cache Multiple Code Execution Vulnerabilities
2020-03-09 00:00:00

EPSS

0.001

Percentile

22.7%

JSON
Related for CVELIST:CVE-2019-5180
nvd1prion1nessus1cve1talos1