CyberSec.Space Logo
Back to CVE Browser

CVE-2019-5173

HIGH
7.8
CVSS Severity Score
EPSS Score0.0480%
EPSS Percentile28.53th
PublishedMar 11, 2020
Last ModifiedNov 21, 2024

Vulnerability Description

An exploitable command injection vulnerability exists in the iocheckd service ‘I/O-Check’ function of the WAGO PFC 200 Firmware version 03.02.02(14). A specially crafted XML cache file written to a specific location on the device can be used to inject OS commands. An attacker can send a specially crafted packet to trigger the parsing of this cache file. At 0x1e9fc the extracted state value from the xml file is used as an argument to /etc/config-tools/config_interfaces interface=X1 state=<contents of state node> using sprintf(). This command is later executed via a call to system().

Affected Platforms (CPE)

💻
Wago

Pfc200 Firmware

= 03.02.02\(14\)

References & Advisories

🔗 https://talosintelligence.com/vulnerability_reports/TALOS-2019-0962
🔗 https://talosintelligence.com/vulnerability_reports/TALOS-2019-0962

Related Vulnerabilities

CVE-2019-50799.8

An exploitable heap buffer overflow vulnerability exists in the iocheckd service "I/O-Check" functionality of WAGO PFC200 Firmware...

CVE-2019-50759.8

An exploitable stack buffer overflow vulnerability exists in the command line utility getcouplerdetails of WAGO PFC200 Firmware ve...

CVE-2019-50749.8

An exploitable stack buffer overflow vulnerability exists in the iocheckd service ''I/O-Check'' functionality of WAGO PFC200 Firmw...

CVE-2019-50829.8

An exploitable heap buffer overflow vulnerability exists in the iocheckd service I/O-Check functionality of WAGO PFC200 Firmware v...