3 matches found
CVE-2019-5178
An exploitable stack buffer overflow vulnerability vulnerability exists in the iocheckd service ‘I/O-Check’ functionality of WAGO PFC 200 Firmware version 03.02.0214. An attacker can send a specially crafted packet to trigger the parsing of this cache file. The destination buffer sp+0x440 is...
Wago PFC200 iocheckd service 'I/O-Check' cache Code Execution (CVE-2019-5178)
An exploitable stack buffer overflow vulnerability vulnerability exists in the iocheckd service I/O-Check' functionality of WAGO PFC 200 Firmware version 03.02.0214. An attacker can send a specially crafted packet to trigger the parsing of this cache file. The destination buffer sp+0x440 is...
CVE-2019-5178
CVE-2019-5178 affects WAGO PFC200 controllers (iocheckd) with a stack buffer overflow in the I/O-Check cache parsing workflow. The iocheckCache.xml hostname parameter can overflow a 1024-byte destination buffer via sprintf(), when hostname length exceeds a threshold (example provided 0x3fd). The ...