4 matches found
WAGO PFC200 Series Improper Authentication (CVE-2018-5459)
An Improper Authentication issue was discovered in WAGO PFC200 Series 3S CoDeSys Runtime versions 2.3.X and 2.4.X. An attacker can execute different unauthenticated remote operations because of the CoDeSys Runtime application, which is available via network by default on Port 2455. An attacker...
KYOCERA Multi-Set Template Editor 3.4 - Out-Of-Band XML External Entity Injection
Vendor: KYOCERA Corporation Product https://global.kyocera.com Affected version: 3.4.0906 Summary: KYOCERA Net Admin is Kyocera's unified device management software that uses a web-based platform to give network administrators easy and uncomplicated control to handle a fleet for up to 10,000...
CVE-2018-5459
An Improper Authentication issue was discovered in WAGO PFC200 Series 3S CoDeSys Runtime versions 2.3.X and 2.4.X. An attacker can execute different unauthenticated remote operations because of the CoDeSys Runtime application, which is available via network by default on Port 2455. An attacker...
CVE-2018-5459
Affected product: WAGO PFC200 Series with CoDeSys Runtime (3S) versions 2.3.x and 2.4.x. Vulnerability: Improper Authentication allows unauthenticated remote operations over network port 2455 (TCP), enabling reading, writing, or deleting arbitrary files and PLC runtime manipulation. Root cause: C...