3 matches found
Wago PFC200 Cloud Connectivity Remote Code Execution (CVE-2019-5161)
An exploitable remote code execution vulnerability exists in the Cloud Connectivity functionality of WAGO PFC200 versions 03.02.0214, 03.01.0713, and 03.00.3912. A specially crafted XML file will direct the Cloud Connectivity service to download and execute a shell script with root privileges. Th...
CVE-2019-5161
CVE-2019-5161 affects WAGO PFC200 Cloud Connectivity. Firmware versions 03.02.02(14), 03.01.07(13), and 03.00.39(12) process a remote XML to download and execute a shell script with root privileges. The TALOS writeup details an unvalidated path/filename flow in the firmware update process: after ...
CVE-2019-5161
An exploitable remote code execution vulnerability exists in the Cloud Connectivity functionality of WAGO PFC200 versions 03.02.0214, 03.01.0713, and 03.00.3912. A specially crafted XML file will direct the Cloud Connectivity service to download and execute a shell script with root privileges...