2 matches found
Wago PFC200 iocheckd service 'I/O-Check' cache Memory Corruption (CVE-2019-5186)
An exploitable stack buffer overflow vulnerability vulnerability exists in the iocheckd service I/O-Check functionality of WAGO PFC 200. An attacker can send a specially crafted packet to trigger the parsing of this cache file.At 0x1eb9c the extracted interface element name from the xml file is...
CVE-2019-5186
Summary: CVE-2019-5186 affects the WAGO PFC200 iocheckd service (“I/O-Check”). A stack buffer overflow is triggered while parsing the XML cache file (/tmp/iocheckCache.xml). In the vulnerable path, the code uses sprintf to write into a 512-byte stack buffer, leading to overflow, and subsequently ...