2 matches found
Wago PFC200 iocheckd service 'I/O-Check' cache Code Execution (CVE-2019-5181)
An exploitable stack buffer overflow vulnerability vulnerability exists in the iocheckd service I/O-Check' functionality of WAGO PFC 200 Firmware version 03.02.0214. A specially crafted XML cache file written to a specific location on the device can cause a stack buffer overflow, resulting in cod...
CVE-2019-5181
CVE-2019-5181 affects WAGO PFC200 with the iocheckd service “I/O-Check.” A crafted cache file at /tmp/iocheckCache.xml is parsed by iocheckd, triggering stack-based buffer overflows via sscanf/sprintf usage in multiple config nodes (e.g., hostname, subnetmask, gateway, etc.). The root cause is un...