5 matches found
CVE-2019-5155
An exploitable command injection vulnerability exists in the cloud connectivity feature of WAGO PFC200. An attacker can inject operating system commands into any of the parameter values contained in the firmware update command. This affects WAGO PFC200 Firmware version 03.02.0214, version...
Wago PFC200 Cloud Connectivity Multiple Command Injection (CVE-2019-5155)
An exploitable command injection vulnerability exists in the cloud connectivity feature of WAGO PFC200. An attacker can inject operating system commands into any of the parameter values contained in the firmware update command. This affects WAGO PFC200 Firmware version 03.02.0214, version...
CVE-2019-5155
An exploitable command injection vulnerability exists in the cloud connectivity feature of WAGO PFC200. An attacker can inject operating system commands into any of the parameter values contained in the firmware update command. This affects WAGO PFC200 Firmware version 03.02.0214, version...
CVE-2019-5155
An exploitable command injection vulnerability exists in the cloud connectivity feature of WAGO PFC200. An attacker can inject operating system commands into any of the parameter values contained in the firmware update command. This affects WAGO PFC200 Firmware version 03.02.0214, version...
CVE-2019-5155
CVE-2019-5155 affects WAGO PFC200 controllers with the Cloud Connectivity service. The vulnerability is a command-injection flaw in the firmware update handling: unvalidated parameter values in the Firmware Update command can be used to run OS commands via system() as the iot user. Affected firmw...