3 matches found
CVE-2019-5185
An exploitable stack buffer overflow vulnerability vulnerability exists in the iocheckd service "I/O-Check" functionality of WAGO PFC 200. An attacker can send a specially crafted packet to trigger the parsing of this cache file. At 0x1ea28 the extracted state value from the xml file is used as a...
Wago PFC200 iocheckd service 'I/O-Check' cache Memory Corruption (CVE-2019-5185)
An exploitable stack buffer overflow vulnerability vulnerability exists in the iocheckd service I/O-Check functionality of WAGO PFC 200. An attacker can send a specially crafted packet to trigger the parsing of this cache file. At 0x1ea28 the extracted state value from the xml file is used as an...
CVE-2019-5185
CVE-2019-5185 affects the WAGO PFC200 controller’s iocheckd service (I/O-Check). A crafted XML cache file placed at /tmp/iocheckCache.xml can trigger a stack buffer overflow while parsing the node: the code uses sprintf() into a fixed 512-byte stack buffer and then copies it with strcpy() to an ...