CVE-2024-1490

CVE-2024-1490 affects WAGO PLCs via the web-based management interface (WBM) OpenVPN configuration. An authenticated remote attacker with high privileges can exploit the WBM to cause OpenVPN to execute arbitrary shell commands if user-defined scripts are allowed, enabling remote command execution...

WAGO PLC 代码注入漏洞

WAGO PLC is a programmable logic controller developed by the German company WAGO. WAGO PLC has a code injection vulnerability, which stems from improper OpenVPN configuration. This vulnerability may lead to the execution of arbitrary commands...

WAGO 安全漏洞

WAGO is a 750-88x series programmable logic controller from WAGO, Germany. The device is a digital algorithmic operating electronics system specifically designed for applications in industrial environments. A security vulnerability exists in WAGO that stems from the ability to manipulate user...

WAGO 输入验证错误漏洞

WAGO is a 750-88x series programmable logic controller from WAGO, Germany. The device is specifically designed to operate electronic systems for digital computing applications in industrial environments. An input validation error vulnerability exists in WAGO that originates from a low-privileged...

Exploit for OS Command Injection in Wago Compact_Controller_100_Firmware

wagoexploit.py - PoC Exploit for CVE-2023-1698 !WAGOhttp...

CVE-2018-25108 WAGO: Denial of service in 750-8xx controller due to uncontrolled resource consumption

An unauthenticated remote attacker can cause a DoS in the controller due to uncontrolled resource consumption...

CVE-2018-25108 WAGO: Denial of service in 750-8xx controller due to uncontrolled resource consumption

An unauthenticated remote attacker can cause a DoS in the controller due to uncontrolled resource consumption...

WAGO多款产品 访问控制错误漏洞

WAGO PFC100 and others are products of WAGO, a German company.WAGO PFC100 is a programmable logic controller PLC.WAGO CC100 0751-9x01 is a compact controller.WAGO Edge Controller 0752-8303/8000-0002 is a controller. A security vulnerability exists in several WAGO products. The vulnerability stems...

WAGO Controller BACnet Cross-Site Scripting Vulnerability

WAGO Controller BACnet is a series of controllers from WAGO Germany. A cross-site scripting vulnerability exists in WAGO Controller BACnet, which arises from improper neutralization of user input during web page generation. Affected products and versions: Controller BACnet/IP 750-831/xxx-xxx FW13...

PT-2023-2007 · Wago · Wago Cc100 +3

Name of the Vulnerable Software and Affected Versions: WAGO PFC100/PFC200 versions affected versions not specified WAGO CC100 versions affected versions not specified WAGO Edge Controller versions affected versions not specified WAGO Touch Panel 600 versions affected versions not specified...

WAGO PLC 跨站脚本漏洞

WAGO PLC is a programmable logic controller from WAGO, Germany. A cross-site scripting vulnerability exists in WAGO PLC, which can be used by an authorized attacker with user rights to access confidential information on a PC connected to the WBM...

WAGO PFC200 Stack Buffer Overflow Vulnerability

The WAGO PFC200 is a programmable logic controller PLC from WAGO Germany. A buffer error vulnerability exists in the I/O-Check function of the iocheckd service in the WAGO PFC200. The vulnerability can be exploited by an attacker to execute code with the help of a specially crafted XML cache file...

WAGO PFC200 Operating System Command Injection Vulnerability

The WAGO PFC 200 is a programmable logic controller PLC from the German company WAGO. An operating system command injection vulnerability exists in the cloud connectivity feature of the WAGO PFC 200 with firmware versions 03.02.0214, 03.01.0713, and 03.00.3912, where an attacker can execute illeg...

WAGO PFC 200 Data Forgery Problem Vulnerability

The WAGO PFC 200 is a programmable logic controller PLC from the German company WAGO. A remote code execution vulnerability exists in the cloud connectivity feature of the WAGO PFC 200 using firmware versions 03.02.0214, 03.01.0713, and 03.00.3912. The vulnerability can be exploited by an attacke...

WAGO PFC200 Stack Buffer Overflow Vulnerability (CNVD-2020-16849)

The WAGO PFC200 is a programmable logic controller PLC from WAGO Germany. A stack buffer overflow vulnerability exists in the iocheckd service 'I/O-Check' function of the WAGO PFC200 03.02.0214. An attacker could exploit this vulnerability via a specially crafted XML cache file to achieve code...

CVE-2019-5075

An exploitable stack buffer overflow vulnerability exists in the command line utility getcouplerdetails of WAGO PFC200 Firmware versions 03.01.0713 and 03.00.3912, and WAGO PFC100 Firmware version 03.00.3912. A specially crafted set of packets sent to the iocheckd service "I/O-Check" can cause a...

SEC Consult SA-20140710-3 :: Design Issue / Password Disclosure in WAGO-I/O-SYSTEM with CODESYS V2.3 WebVisu

SEC Consult Vulnerability Lab Security Advisory 20140710-3 ======================================================================= title: Design Issue / Password Disclosure product: All WAGO-I/O-SYSTEMs which provide a CODESYS V2.3 WebVisu vulnerable version: Systems which are programmable with =...