WAGO PFC200 Command Injection Vulnerability (CNVD-2020-16842)

The WAGO PFC200 is a programmable logic controller PLC from WAGO Germany. A command injection vulnerability exists in the iocheckd service 'I/O-Check' function of the WAGO PFC200 03.02.0214. An attacker can exploit this vulnerability to inject OS commands via specially crafted XML cache files...

WAGO PFC200 Command Injection Vulnerability (CNVD-2020-16845)

The WAGO PFC200 is a programmable logic controller PLC from WAGO Germany. A command injection vulnerability exists in the I/O-Check function of the iocheckd service in the WAGO PFC200. The vulnerability arises from a network system or product not properly filtering special characters, commands,...

CVE-2019-5167

An exploitable command injection vulnerability exists in the iocheckd service ‘I/O-Check’ function of the WAGO PFC 200 version 03.02.0214. At 0x1e3f0 the extracted dns value from the xml file is used as an argument to /etc/config-tools/editdnsserver %s dns-server-nr=%d dns-server-name= using...

WAGO PFC 200 Buffer Overflow Vulnerability (CNVD-2020-16628)

The WAGO PFC 200 is a programmable logic controller PLC from the German company WAGO. A buffer overflow vulnerability exists in the I/O-Check function of the iocheckd service in the WAGO PFC 200. An attacker can exploit this vulnerability to cause a denial of service or possibly execute code with...

WAGO PFC 200 Buffer Overflow Vulnerability

The WAGO PFC 200 is a programmable logic controller PLC from the German company WAGO. A buffer overflow vulnerability exists in the I/O-Check function in the WAGO PFC 200. The vulnerability originates when a networked system or product performs an operation on memory without properly validating...