CVE-2019-5134
N/A
N/A
Summary
An exploitable regular expression without anchors vulnerability exists in the Web-Based Management (WBM) authentication functionality of WAGO PFC200 versions 03.00.39(12) and 03.01.07(13), and WAGO PFC100 version 03.00.39(12). A specially crafted authentication request can bypass regular expression filters, resulting in sensitive information disclosure.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Wago | WAGO PFC200 Firmware | version 03.00.39(12) | affected |
| Wago | WAGO PFC200 Firmware | version 03.01.07(13) | affected |
| Wago | WAGO PFC100 Firmware | version 03.00.39(12) | affected |
Weaknesses
- regular expression without anchors
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.