2 matches found
WAGO PFC200 Cloud Connectivity Improper Host Validation Vulnerability
Summary An exploitable improper host validation vulnerability exists in the Cloud Connectivity functionality of WAGO PFC200. A specially crafted HTTPS POST request can cause the software to connect to an unauthorized host, resulting in unauthorized access to firmware update functionality. An...
WAGO PFC200 Cloud Connectivity Remote Code Execution Vulnerability
Summary An exploitable remote code execution vulnerability exists in the Cloud Connectivity functionality of WAGO PFC200. A specially crafted XML file will direct the Cloud Connectivity service to download and execute a shell script with root privileges. Tested Versions WAGO PFC200 Firmware versi...