WAGO 缓冲区错误漏洞

WAGO is a 750-88x series programmable logic controller from WAGO, Germany. The device is specifically designed for use in industrial environments as an electronic system for the operation of digital algorithms. A buffer error vulnerability exists in the WAGO I/O-Check Service, which originates fr...

CVE-2019-5172

An exploitable command injection vulnerability exists in the iocheckd service ‘I/O-Check’ function of the WAGO PFC 200 Firmware version 03.02.0214. An attacker can send a specially crafted packet to trigger the parsing of this cache file. At 0x1e840 the extracted ntp value from the xml file is us...